DIRECTOR SECURITY GOVERNANCE, RISK, AND COMPLIANCE

DIRECTOR SECURITY GOVERNANCE, RISK, AND COMPLIANCE at Hulu

Hulu is a premium streaming TV destination that seeks to captivate and connect viewers with the stories they love. We create amazing experiences that celebrate the best of entertainment and technology. We’re looking for great people who are passionate about redefining TV through innovation, unconventional thinking and embracing fun. It’s a mission that takes some serious smarts, intense curiosity and determination to be the best. Come be part of the team that’s powering play.

 

SUMMARY

Hulu’s Information Security team is seeking a Director of Security Governance, Risk, and Compliance (GRC) who will be an exceptional addition to our Information Security team. As a GRC Director, you will lead the efforts directing Hulu’s security governance, risk, and compliance efforts. The right person for this role will be a leader capable of building the strategic framework that guides Security governance and risk management decisions across the organization. If you are someone who is innovative and looks for automation and improvements of processes, controls, and tools, then this is a great role for you.

 

WHAT YOU’LL DO

  • Responsible for development, delivery, and ongoing updates to Security Policies and Standards (NIST, ISO 27001, SOX, and PCI)

  • This role must be a “bridge” builder helping to coordinate and bring together various parts of the organization around a common process through the use of tools and communication channels.

  • Drive efforts to identify, quantify, communicate, and help prioritize risks to information assets.

  • Partner with business stakeholders to ensure strategic alignment of information security with business strategy.

  • Develop, measure, and maintain a security and control framework that consists of standards, measures, practices, and procedures that provides assurance of compliance to regulatory requirements (NIST, ISO 27001, PCI, CCPA, and SOX)

  • Develop and maintain a third-party risk assessment program in conjunction with Hulu’s procurement team.

  • Develop and maintain a security awareness program that educates all personnel on information security requirements.

  • Primary point of contact with Internal Audit. Periodically review, update, implement and communicate changes to Information Security policies, procedures, and general IT controls.

  • Provide information security guidance to senior management by recommending information security investments which mitigate risks, strengthen defenses, and reduce vulnerabilities for information systems and services.

  • Perform periodic risk assessments, with the ability to properly quantify them.

 

WHAT TO BRING

  • Demonstrated experience in leading a security governance, risk, and compliance program.

  • 7+ years of experience in information security architecture, policy, strategy, and policy development

  • Possess exceptional written and verbal communication skills as well as customer service skills

  • Possess strong organizational skills, both for yourself and for the team while working with many people in a fast-paced environment.

  • Ability to weigh several, often conflicting constraints and make rapid decisions in a dynamic and quickly-growing company

 

NICE-TO-HAVES

  • CISSP, CISM, CRISC certifications

  • Knowledge and understanding of Factor Analysis of Information Risk (FAIR)

  • Strong project management skills

 

We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with applicable federal, state and local laws.

Just like the best ensemble casts of our favorite shows, Hulu embraces diversity and is proud to be an Equal Opportunity Employer.