Universal Orlando Resort believes in-person collaboration is key to our success. Many of our Team Members work in a hybrid capacity, contributing from the workplace a minimum of three days per week. Some remote opportunities are available within specific departments. There are also roles that require being on-site full time. You’ll learn more about this during the application process.
JOB SUMMARY: Responsible for daily and long-term administration of Universal Parks and Resorts Parks Technology Compliance Management process. Leads various security and risk management related initiatives, including developing conceptual ideas into actionable implementation plans, monitoring, analyzing and execution of security and compliance projects based on requirements including but not limited to PCI, HIPAA, SOX, Safe Harbor, Red Flag etc. Responsibilities include supporting IT Security & Compliance activities, internal/external audits, evaluation, and management (vulnerability risk, etc.), metrics reporting, resolution of compliance issues, enforcement of information security guidelines, policies, documentation creation/management, and collaborating across numerous Information Technology (IT) disciplines to reduce the overall risk to the network and continuously improve our security posture.
MAJOR RESPONSIBILITIES:
- Acts as a subject matter expert in IT Security Compliance systems by assisting Sr. Leadership in defining, administering, and maintaining policies and procedures for effective compliance management for all applicable IT related rules and regulations. Creates automated systems and management processes for effective compliance reporting and remediation. Manage/administer security assets. Lead vulnerability and patch management efforts that include managing the vulnerability management tools, network asset scanning, and remediation efforts that include vulnerability prioritization and action plans, mitigation activities, and active communication to stakeholders. Analyze, evaluate, and determine applicable security deficiencies and risks to web applications, databases, operating systems, network devices, and endpoint systems. Collaborate across various Information Technology (IT) teams to drive overall remediation/mitigation plans.
- Provide analytical key input to risk areas, vulnerabilities, remediation, and the network security posture. Provide support and evidence collection for internal/external audits and risk assessments. Assess internal and production environments on an ongoing basis to meet compliance. Assist internal business departments in classifying and securing sensitive information. Collaborates with internal customers including HR, Security and Internal Audit, users, staff members, and I.T. colleagues to assist in the definition, development, and documentation of compliance related business requirements, objectives, deliverables, and specifications for projects and activities. Author, maintain, and update internal processes, procedures, and functional operational workflows.
- Manages IT Security and Compliance project teams to ensure Company IT Security standards are maintained.
- Participates in risk assessment and risk management by working closely with the Change Incident Manager, Information Security and Project Managers to reduce incidents and minimize change risks of IT production environment and report situations of non-compliance. Analyze IT Security reports to identify trends and root cause analysis.
- Manages regularly scheduled audits and reviews of all appropriate IT assets to ensure compliance with contract specifications. Interpret audit, compliance, risk, and vulnerability reports from various software tools and sources.
- Understands and actively participates in Environmental, Health & Safety responsibilities by following established UO policy, procedures, training, and team member involvement activities.
- Performs other duties as assigned.
EDUCATION:
- Bachelor’s degree in Business Administration or Computer Sciences is required.
- Master’s degree preferred.
- Applicable work experience could be considered in lieu of degree.
EXPERIENCE:
- 7+ years relevant experience required.
- Extensive IT experience with 5+ years in a Security and Compliance role that includes defining strategy, implementing new processes, project management, vendor, and contract management.
- Extensive experience with hardware/software security lifecycle including regulations such as PCI, HIPAA, SOX etc.; ITIL Foundations preferred.
- Web Proxy, IPS, IDS, VPN, Identity Management, Email/Spam filter and SIEM experience preferred.
- Working understanding of Windows platforms.
- MS Excel Proficiency.
- Extensive knowledge and experience working with applicable data security and privacy practices and laws.
- ; or equivalent combination of education and experience.
ADDITIONAL INFORMATION: Overtime hours may be required to meet project deadlines.
Your talent, skills and experience will be rewarded with a competitive compensation package.
Universal is not accepting unsolicited assistance from search firms for this employment opportunity. All resumes submitted by search firms to any employee at Universal Orlando via-email, the Internet or in any form and/or method without a valid written Statement of Work in place for this position from Universal Orlando HR/Recruitment will be deemed the sole property of Universal Orlando. No fee will be paid in the event the candidate is hired by Universal Orlando as a result of the referral or through other means.
Universal Orlando Resort. Here you can.
Universal Orlando is an equal opportunity employer. Universal elements and all related indicia TM & © 2024 Universal Studios. All rights reserved. EOE
