• Information Security Engineer

    Sinclair Broadcast Group (Hunt Valley, MD)


    The Information Security Engineer, Identity, Risk, and Data Governance will support an enterprise security program including Third-Party Risk Management (TPRM), awareness training, policy enforcement, and performing other security and risk related activities as assigned. The applicant should have prior experience engineering security tools with successful deployments in a large and complex commercial enterprise environment. The candidate should have experience conducting third-party, software, and vendor risk assessments, developing and enhancing security policies and standards, and hands-on knowledge of cloud (SaaS) and hybrid network infrastructure environments. The candidate will possess strong and polished communication skills, willingness and ability to present security topics to internal and external customers and thrive in a highly visible and fast-paced role.

    Responsibilities:

    _Process & execution_

    + Contribute to the creation and maturation of information security policies, standards, and processes.

    + Conduct accurate and timely third-party/vendor/service provider/software risk assessments while partnering with internal technical and non-technical teams such as legal, procurement, IT, and Security Operations.

    + Proactively manage the Policy Exception process including stakeholder engagement, driving completion with internal teams, and providing highly technical details that will be visible to senior leaders.

    + Create, adapt, and enhance weekly metrics to measure the efficacy and effectiveness of the security program.

    + Perform litigation and data retention actions to support Sinclair Legal requests.

    + Successfully operate in a fast-paced environment with shifting priorities.

    + Ability to multitask, prioritize work, and efficiently deliver simultaneous assignments while remaining flexible and resilient.

    + Maintain a high level of professionalism and integrity while frequently communicating with internal teams.

    + Focus on the quality and completeness of delivery on assignments.

    + Ability to think strategically, plan methodically, and execute tactically.

    + Take ownership of personal and professional development needed to excel in the role.

    _Collaboration & Partnerships_

    + Apply excellent communication skills to efficiently collaborate with company stakeholders and business partners.

    + Willingness to lead training webinars and present in front of large audiences.

    + Evaluate and recommend new products, maintain knowledge of emerging technologies, and maximize value from existing tool sets to ensure return on investment.

    + Demonstrate strong problem-solving skills by identifying gaps or issues and clearly formulating solutions.

    + Ensure compliance with Sinclair policies and standards.

    + Proactively respond to information security tickets and other requests according to team SLA.

    + Operating with a strong sense of teamwork and personal accountability.

    _Performance Improvement_

    + Identify areas of improvement within the security team to maintain a level of excellence.

    + Develop and deliver weekly performance metrics to measure programmatic success.

    + Design, document, and implement procedures and techniques for analyzing and evaluating risk.

    + Proactively and effectively look for ways to improve and optimize processes and techniques.

    + Research emerging technologies and provide feedback and options to leadership to effectively solve problems.

    + Champion collaboration amongst teams, quality execution on assignments, and take personal accountability for deliverables.

    + Thrive within fast-paced operational environment requiring priority adjustments, multi-tasking, and a high-level of communication skills.

    + Ability to self-motivate and go the extra mile to ensure team success.

    + Maintain a positive and customer-oriented approach.

    + Team-player who enjoys working with others.

    + Comfortable speaking to and working directly with other teams such as Legal, Audit, Privacy, and Information Technology.

    Qualifications:

    + Bachelor’s degree in an Information Security discipline with 2 years of experience or an associate’s degree with 4 years of relevant work experience.

    + Minimum of 2 years conducting third-party risk assessments including lifecycle management supporting enterprise tools and mitigation strategies.

    + At least 2 years of hands-on experience designing social engineering and phishing campaigns while understanding balance and creativity to properly train staff.

    + Hands-on experience working with enterprise 3rd party risk management solutions such as BitSight, ServiceNow, OneTrust, Security Scorecard, etc.

    + Hands-on experience conducting risk and/or self-assessment activities to identify key risk areas in the business.

    + Understanding of SOC-2 and ISO-27001 frameworks and ability to evaluate control gaps.

    + Experience conducting litigation holds and retention requests is a big plus.

    + Exceptional verbal and written communication skills with an ability to present complex information to audiences of varying subject knowledge.

    + Solid technical background with the ability to understand network and systems architectures.

    + Prior experience working in commercial multi-cloud provider environments.

    + Industry certification required in one of the following areas: (e.g., CISSP, CISM, CRISC, Security+, CISA, or equivalent).

    + Basic knowledge of current data privacy laws (CCPA/CPRA, GDPR).

    + Prior experience in the broadcast/media entertainment industries preferred.

    + Commercial enterprise experience is required.

     

    Sinclair is proud to be an equal opportunity employer and a drug free workplace. Employment practices will not be influenced or affected by virtue of an applicant's or employee's race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), national origin, age, disability, genetic information, military or veteran status or any other characteristic protected by law.

    About Sinclair:

    Sinclair, Inc. (Nasdaq: SBGI) is a diversified media company and a leading provider of local news and sports. The Company owns, operates and/or provides services to 178 television stations in 81 markets affiliated with all major broadcast networks; owns Tennis Channel, the premium destination for tennis enthusiasts; multicast networks CHARGE, Comet, ROAR and The Nest. Sinclair’s AMP Media produces a growing portfolio of digital content and original podcasts. Additional information about Sinclair can be found at  www.sbgi.net .

     

    About the Team

     

    The life-blood of our organization is our people. We have a compelling story, a goal-oriented culture, and we take really good care of people. How good? Here is a glimpse: great benefits, open-door policy, upward mobility and a strong desire to see you succeed. Ready to be part of a winning team? Let’s talk.

     

    The base salary compensation range for this role is $73,800 to $92,250. Final compensation for this role will be determined by various factors such as a candidate’s relevant work experience, skills, certifications, and geographic location. Full time positions are eligible for benefits that include participation in a retirement plan, life and disability insurance, health, dental and vision plans, flexible spending accounts, 15 paid vacation days, 2 paid personal days, 9 paid holidays, 40 hours of paid sick leave, parental leave, and employee stock purchase plan.