Information Security Manager - Governance, Risk, & Compliance
Job description
Leadership & execution
- Lead day-to-day operations including the Third-Party Risk Management program, while maintaining SLAs aligned with business requirements.
- Communicate and prioritize the security team's assignments, and develop and communicate milestones according to leadership direction.
- Provide mentorship and knowledge transfer to other security team members on technical solutions and risk assessments.
- Lead, execute, and drive processes as they apply to projects and assignments.
- Ability to think strategically, plan methodically, and execute tactically.
- Act as an advocate for Information Security projects while identifying creative solutions to ensure progress is made.
- Drive remediation activities by developing communication channels with key stakeholders.
- Develop tactical roadmaps that align with departmental goals and objectives.
- Produce frequent metrics and KPIs that measure program status.
Operations, Collaboration & Partnerships
- Possess strong organizational skills with a history of successfully managing multiple team projects and operational tasks.
- Display excellent communication skills with the ability to professionally and effectively.
- Evaluate and recommend new products, maintain knowledge of emerging technologies, cloud security standards, and industry trends.
- Maintain the annual schedule for reviewing and updating security policies and standards.
- Co-develop and update new and existing security policies and standards.
- Create and communicate team operational processes to maintain productivity and increase performance.
- Experience collaborating with senior leadership and other levels of management.
- Identify and qualify risk in on-premises or hybrid/multi-cloud deployments.
- High level of verbal skills with past success leading team and project meetings.
- Work with outside vendors and consultants to identify tools to meet or exceed requirements.
- Conduct Third-Party Risk Assessments and architectural reviews to support the integration of new enterprise technology solutions.
- Enforce compliance with company policies and standards.
- Perform litigation and data discovery actions while partnering with internal counsel.
Performance Improvement
- Develop new automated solutions to increase efficiency of manual processes.
- Test and integrate new Artificial Intelligence solutions to solve common problems and eliminate wasteful processes.
- Help the security team to maintain a level of excellence.
- Develop and evaluate high quality performance metrics to establish process success.
- Produce high quality results that set the example amongst team members.
- Track and report on operations while constantly looking for ways to make things work better, faster, and smoother.
- Deliver team assignments on time based on leadership direction and priority.
- Take ownership of personal and professional development and training needed to excel in your role.
- Remain resilient and flexible to program adjustments with a positive outlook to changing priorities.
Requirements
We are looking for a detail-oriented individual to lead and drive quality-related security work for Sinclair's enterprise Information Security program. The ideal candidate will fill the role of Information Security Manager - Governance, Risk, & Compliance with a focus on managing team operational tasks related to Third-Party Risk Assessments, automation, policy development, corporate risk registry maintenance, phishing and social engineering campaigns, and organizational security awareness training. You will track, report, and manage the day-to-day operational tasks for the Security GRC group, assist team members with prioritizing their assignments, and perform hands-on engineering tasks as a part of core responsibilities. This leadership role reports to the Senior Director of Information Security and is responsible for a small team of direct reports.
The candidate must be a self-starter, have excellent organizational skills, possess strong and polished communication skills, and be able to articulately champion security topics to internal and external customers. Must be able to thrive in a highly visible and fast-paced role, with the ability to manage multiple projects and a variety of operational tasks.
This is a hybrid position which will require the candidate to work on-site in Hunt Valley, Maryland up to three times per week.
- Bachelor's degree in IT or security related discipline preferred, or 7 years of experience in lieu of a degree.
- Active security certifications including CISSP, CISM, CGEIT, or other risk-based credentials.
- 5+ years of Information Security experience, preferably in the private sector (broadcast experience a plus).
- At least 1 year of experience in a manager or program manager role.
- 3+ years of experience executing tasks for Third-Party Risk Management, Data Privacy, policy development, and security awareness training.
- Hands-on experience with MO365 Purview including eDiscovery and litigation actions.
- Experience developing detailed quality trending metrics from scratch.
- Experience managing Enterprise security GRC and Third-Party risk tools.
- Previous engineering experience (Security Operations or Engineering).
- Experience with multi-cloud platforms (Azure, O365, AWS, GCP, etc.).
- High level knowledge associated with risk management, data governance and privacy, and compliance activities in a distributed environment.
- Hands-on experience with security standards and compliance frameworks (SOC-2, NIST 800-53 series, FAIR, etc.).
- Knowledge of current data privacy laws (CCPA, CPRA, GDPR).
Please note that this position is not eligible for visa sponsorship, including employer sponsorship for an H-1B visa, OPT-STEM employment, etc.
Benefits & conditions
The base salary compensation range for this role is $99,000 to $132,500. Final compensation for this role will be determined by various factors such as a candidate's relevant work experience, skills, certifications, and geographic location. Full-time positions are eligible for benefits that include participation in a retirement plan, quarterly and annual incentive plan bonuses, life and disability insurance, health, dental and vision plans, flexible spending accounts, 15 paid vacation days, 2 paid personal days, 9 paid holidays, 40 hours of paid sick leave, parental leave, and employee stock purchase plan.