Demo
Salary Resume Critique Job Openings

Security Compliance Assessor

COMPANY 3
Santa Monica, CA Remote Full Time
POSTED ON 2/19/2025
AVAILABLE BEFORE 5/15/2025

POSITION SUMMARY :

Company3 / Method Studios (CO3 / Method) is a global leader in media and entertainment services for film, video and online content. With operations in Los Angeles, New York and around the globe, the company employs over 2,500 of the most talented, highly honored, and recognized artists and industry veterans worldwide.

The Security Compliance Assessor is responsible for ensuring the security and compliance of all information systems, data, and operations within the media and entertainment facility. This role will play a critical part in maintaining a secure and reliable environment that aligns with industry best practices, including the Motion Picture Association (MPA) guidelines and the National Institute of Standards and Technology (NIST) Cybersecurity Framework

MAIN DUTIES :

Governance, Risk & Compliance (GRC) : The Security Compliance Assessor will draft, maintain, and regularly review policies and procedures related to GRC for physical, administrative, and information systems (IS) environments. They will conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities, as well as monitor and analyze security incidents and implement appropriate response and remediation plans.

Auditing & Compliance :  The Security Compliance Assessor will participate in external audits of CO3 facilities and operations conducted by third-party auditors, conduct regular internal audits of studios to assess compliance with CO3 policies and industry standards, and daft comprehensive audit reports that clearly convey findings to systems owners and executives, including recommendations for corrective actions.

Security Controls :   They will establish and maintain internal controls aligned with the NIST Cybersecurity Framework to safeguard sensitive data and systems, and implement and manage security controls, including access control, intrusion detection / prevention systems, and data loss prevention measures.

The Security Compliance Assessor will also be responsible for the following :

Security Awareness & Training :

  • Develop and deliver comprehensive security awareness training programs for all employees, covering topics such as phishing, social engineering, and best practices for data handling and protection.
  • Track employee training completion and maintain records of training activities.

Incident Response :

  • Participate in cybersecurity simulation events and tabletop exercises to test and refine incident response plans.
  • Assist in the investigation and resolution of security incidents, including data breaches and cyberattacks.

    • Stay Informed :

  • Stay abreast of the latest security threats, vulnerabilities, and best practices in the media and entertainment industry.
  • Maintain knowledge of relevant industry standards and regulations, including those related to data privacy (e.g., GDPR, CCPA).

    • WHAT YOU BRING :

    The ideal candidate will be experienced in the information systems or computer science field, and must have solid experience in developing, implementing, and maintaining GRC frameworks. This includes risk assessments, threat modeling, and policy / procedure development. They must be able to demonstrate a deep understanding of the unique security challenges and regulatory landscape within the media and entertainment sector and be experienced with conducting both internal and external audits, analyzing findings, and producing clear, concise reports with actionable recommendations. Additional desired skills include :

  • NIST Cybersecurity Framework Knowledge : Demonstrated understanding and ability to apply the NIST Cybersecurity Framework within a real-world setting.
  • Communication & Collaboration : Excellent written and verbal communication skills are essential for interacting with various stakeholders (executives, technical teams, auditors). Must be comfortable speaking to large, diverse groups. Ability to convey complex information clearly and concisely. Ability to communicate with users of varying technical knowledge.
  • Project Management : Ability to manage multiple projects simultaneously, prioritize tasks effectively, and meet deadlines.
  • Adaptability : Ability to work under pressure in a dynamic environment.

    • The following skills are considered an asset :

  • Incident Response Experience : Prior experience in incident response activities, including investigations, containment, and remediation.
  • Data Privacy Expertise : Familiarity with relevant data privacy regulations (GDPR, CCPA, etc.) and how they impact the media and entertainment industry.
  • Technical Certifications : Relevant security certifications (e.g., CISSP, CISM, CISA) are a plus.
  • Scripting / Automation : Basic scripting skills (e.g., Python, PowerShell) can be beneficial for automating tasks and improving efficiency.
  • Cloud Security Knowledge : Familiarity with cloud security concepts and best practices, particularly relevant to cloud-based media and entertainment services.
  • Experience with industry-specific tools : Familiarity with tools commonly used in the media and entertainment industry for security monitoring, threat intelligence, or compliance management.
  • Technical Proficiency : Familiarity with common security controls (access control, IDS / IPS, DLP), and an understanding of how these technologies work within the context f a media & entertainment organization.
  • Technical Understanding : Understanding and experience with endpoint, application, and network security, identity and access management, incident response, and vulnerability management.
  • Networking Expertise : Demonstrated knowledge of networking best-practices and security protocols.

    • ABOUT THE COMPANY :

    Company 3, including its various business units and family of brands, provides a full range of Creative Services for content creators, including conceptual design, pre-vis, look development, ideation and rapid prototyping, 3D animation / CGI, motion graphics / designers, matte painting, compositing, dailies and production services, color grading, post-production finishing, marketing / trailers, live-action production, experiences, and more.

    Salary : $29 - $30

    If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
    Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

    What is the career path for a Security Compliance Assessor?

    Sign up to receive alerts about other jobs on the Security Compliance Assessor career path by checking the boxes next to the positions that interest you.
    Income Estimation: 
    $77,991 - $108,747
    Income Estimation: 
    $111,725 - $147,313
    Income Estimation: 
    $112,673 - $137,290
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $70,462 - $84,818
    Income Estimation: 
    $77,991 - $108,747
    Income Estimation: 
    $87,093 - $107,335
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $139,945 - $168,577
    Income Estimation: 
    $164,835 - $201,088
    Income Estimation: 
    $135,994 - $168,063
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $111,725 - $147,313
    Income Estimation: 
    $139,945 - $168,577
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Employees: Get a Salary Increase
    View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

    Job openings at COMPANY 3

    Onsite Support Analyst I
    COMPANY 3
    Hired Organization Address New York, NY Full Time
    Business Unit : Company 3 Position : Onsite Support Analyst I Location : New York, NY (Onsite) Pay Range: $29.00 - $30.0...
    Head of Production
    COMPANY 3
    Hired Organization Address New York, NY Full Time
    Business Unit : Company 3 Position : Head of Production Location : New York, NY (Hybrid) Pay Range: $125,000 - $142,500 ...
    NExT Summer Intern – VFX Production
    COMPANY 3
    Hired Organization Address New York, NY Intern
    Business Unit : Company 3 Position : NExT Summer Intern - VFX Production Location : New York, NY (Remote) Pay Range: $17...
    Line Cook
    COMPANY 3
    Hired Organization Address Los Angeles, CA Full Time
    Business Unit: Company 3 Position: Line Cook Location: Hollywood, CA (Onsite) Pay Range: $18.00 - $20.00 USD hourly Posi...
    View More Jobs at COMPANY 3

    Not the job you're looking for? Here are some other Security Compliance Assessor jobs in the Santa Monica, CA area that may be a better fit.

    Security Compliance Assessor

    Company3/Method Studios, Santa Monica, CA

    Security Control Assessor-Validator (SCA-V)

    Govcio LLC, Downey, CA

    View More Jobs

    AI Assistant is available now!

    Feel free to start your new journey!