Security Assessment Specialist

Requisition Number: 155078

Position Title: Security Operations Specialist

External Description:

Security Assessment Specialist

The Company

We’re EA—the world’s largest video game publisher. You’re probably familiar with many of our titles—Madden, FIFA, The Sims, Need for Speed, Dead Space and Battlefield, to name a few. But maybe you don’t know how we’re committed to creating games for every platform—from social to mobile to console—to give our consumers that anytime, anywhere access they demand. What does that mean for you? It means more opportunities to unleash your creative genius, be inspired by those around you and ignite your path in any direction you choose.

 Security Risk and Management Departmental Overview

The role of the EA Security department, at the highest level, is to protect the corporation by reducing EA’s exposure to significant security risks by raising awareness and providing a measured, proportionate set of Security and Risk Management controls, services and solutions. This department also ensures that EA is meeting required security standards as defined by a variety of different regulatory bodies. Vision: Protect EA’s critical IP, assets, and data while enabling the business to operate securely and effectively. Mission: To reduce the overall exposure to security risks by implementing leading technologies, security best practices and processes, raising security awareness to the business, and managing EA's risk to threats. 

Main Purpose of the Role

The Security Assessment Specialist will work and report to the Security Operations Manager and Director of Governance Risk and Compliance to assist with the Third Party Security Risk Assessment program. The goal of the program is to protect EA's commercial interests by reducing known and identified risks associated with entrusting external partners with intellectual property and other sensitive assets.  The program works on a pragmatic, risk management model, with a foundation in formal frameworks that have been customized for specific application to the Entertainment Industry Technology segment.  The Security Assessment Specialist will manage incoming Security Risk Assessment requests and process them through the SRA lifecycle, partnering with internal stakeholders and key third party providers to assess security risks and track them until resolution. 

The successful candidate will work alongside colleagues spanning the globe. This position may require occasional international travel.

Key Responsibilities:

• Conduct security risk assessments for third party vendors based on an internal customized methodology mapped to ISO 27001 leveraging our internal GRC Tool.
• Identify vendor’s security gaps and discuss solutions for mitigation having a good understanding of security best practices and EA policies.
• Review vendor’s security controls and procedures, calculate risk scoring, assign corrective actions and create assessment reports.
• Cooperate and coordinate with EA Security team members and with other EA internal departments, such as game teams, IT and Legal departments to conduct security risk assessments.
• Meet service level agreements regarding response time and completion of security risk assessments.
• Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) demonstrating technical competence and business acumen.
• Provide periodical metrics & reports related to security risk assessment activities to management.

Required Skills:

• Information security background, knowledge in the following security domains: Management Controls, Physical/Logical Security, Access Controls, Change Management, Asset Controls, System & Network Security, Operational Controls, Business Continuity, Compliance, etc.
• Demonstrated knowledge of recognized security industry standards ISO 27001, PCI, SSAE 18, HIPAA.
• Excellent written and verbal communications skills.
• Nice to have - CompTIA Security+, CISA, CISSP or other information security certifications.
• Nice to have – hands on experience with GRC tools, workflow automation or ticketing tools.
• Detail-oriented person.
• Customer service skills and ability to use positive language.
• Initiative and problem solving skills.
• Ability to coordinate resources to resolve problems.
• Bachelor’s degree in Computer Science or similar technical specialty.
• Very good experience with Microsoft Office programs.

KPI:

• Security risk assessments are completed within expected timeframes based on internal SLAs.
• Assure report quality reflected by the accuracy of the assessment results based on EA security controls.
• Assure that any high risk area identified during the course of an assessment is timely remediated; otherwise, ensure that proper risk acceptance is tracked via the Security Exceptions process for management sign off.

City:

State:

Community / Marketing Title: Security Assessment Specialist

Company Profile:

Electronic Arts Inc. este o companie de divertisment interactiv, lider la nivel mondial. EA oferă jocuri, conținut și servicii online pentru console conectate la Internet, calculatoare personale, telefoane mobile și tablete.

EEOText: Despre EA Electronic Arts există pentru a inspira lumea să joace. Creăm noi experiențe extraordinare de joc pentru milioanele noastre de jucători de pretutindeni, reunind oameni talentați care combină creativitatea, inovația și pasiunea. Știm că puterea noastră constă în diversitatea oamenilor noștri. Ne integrăm angajații într-o cultură incluzivă și le oferim oportunități pentru învățare și conducere, care le permit să întreprindă cele mai remarcabile și pline de satisfacție activități ale carierei lor. Angajații noștri sunt în prim-plan. Oferim pachete de beneficii cuprinzătoare, cu accent pe sănătate și bunăstare, pentru a vă susține necesitățile și pentru a vă ajuta să găsiți un echilibru între carieră și viața personală. Oferim acces la medii de lucru dinamice și cooperante, posibilități de conectare și de a vă aduce aportul prin intermediul grupurilor noastre de resurse pentru angajați, precum și sprijin pentru o viață echilibrată, cu zile libere și concediu de maternitate și de paternitate plătite, plus jocuri video gratuite și multe altele! Electronic Arts este un angajator care aplică principiul egalității de șanse. Toate deciziile de angajare sunt luate fără a ține seama de rasă, culoare, origine națională, descendență, sex, identitate sau exprimare de gen, orientare sexuală, vârstă, informații genetice, religie, dizabilități, stare medicală, sarcină, stare civilă, statut familial, statut de veteran sau orice altă caracteristică protejată de lege. De asemenea, Electronic Arts oferă locuri de muncă pentru persoanele calificate cu dizabilități, conform legislației aplicabile.

Days Open: 38

Can this position be remote?:

EEO Employer Verbiage:

EA este un angajator care oferă oportunități egale. Toate deciziile de angajare sunt luate fără a ține seama de rasă, culoare, origine națională, descendență, sex, identitate sau exprimare de gen, orientare sexuală, vârstă, informații genetice, religie, dizabilități, stare medicală, sarcină, stare civilă, statut familial sau statut de veteran. De asemenea, EA oferă locuri de muncă pentru persoanele cu handicap calificate, conform legislației aplicabile.