Cyber Security and OTT Piracy

In partnership with the CV Technology department and Third-Party Vendors, design,

develop and implement the Connected Video security governance programme and

ensure that security practices are adopted in CV

Ensure alignment with Group Infosec strategy

Analyse the threat landscape in the CV environment

Support the business with identifying, monitoring and managing internal and external

vulnerabilities and provide risk assessments and mitigation strategies to ensure

remediation of findings

Conduct periodic security risk assessments to identify gaps and controls

Development and implementation of security policies, procedures and security

incident response plans

Ensure patch and vulnerability compliance, IAM / PIM, in accordance with policies and

procedures

Actively manage / participate in anti-piracy initiatives, investigations, and activities

Implement and / or adopt security tools, resolving and preventing vulnerabilities

everywhere in the stack

Interface with engineering teams and help them with IT security projects

implementations

Understand which parts and fundamental technologies make a modern user-facing

application possible, end to end

Risk Management

Apply technical expertise and analytical skills to identify and implement the most

appropriate risk assessment technique, supporting internal stakeholders undertaking

significant, complex, or novel risk assessments

Support the development of a Governance & Risk Management framework in line with

the business objectives

Articulate and Report on Risks

Maintain the risk register, with actions and controls added to each risk

Conduct risk tracking and monitoring (including following up on actions)

Facilitate quarterly risk review workshops with the business

Head of CV Operations

Senior Manager Risk and Governance

Senior Specialist Security, Risk and

Governance

Continuously improve risk management processes

Record and distribute Progress Reports

Develop and execute risk mitigations

Conduct periodic reporting of risk register updates with the Exec Team and Group Risk

Drive awareness of risk management across CV; Implementing awareness strategies

for BCM, DR, Risk, and all relevant procedures and processes

IT Governance

Review policies and assess current policy gaps, update policies and implement

identified policies or policy changes for the year

Maintain an accurate policy, procedure, and operations tracker

Participate in Group Forums to ensure policies take the needs of a digital business into

account

Support the implementation and management of the Connected Video Information

Technology General Controls framework for a DevOps environment; including analysis

of current policies, processes, procedures and controls, identifying gaps, align to best

practices and implementing the recommendations

Manage the adherence of control objectives to respective systems

Manage governance awareness initiatives of existing policies, procedures, processes,

and administration of the various governance forums

Create new policies in line with best practices

Process assessment and improvement

Analyse CV management practices

Conduct gap analysis of existing processes

Design and Improve processes

Document processes and workflows

Develop clear and detailed process maps

Qualifications

Bcom degree in Risk Management, CRISK or equivalent

Post Graduate Governance, Risk and Compliance Management would be advantageous

OTT streaming and Video Entertainment business knowledge (Preferable)

Experience in IT risk, governance, and security, operational and corporate governance, corporate compliance, or enterprise risk

management role for a medium to large corporation. Alternatively, experience as a consultant in any of the same areas.