About the job
The Head of Platform Assurance is a senior leadership position responsible for establishing and maintaining a comprehensive assurance program to ensure the reliability, security, and resilience of our digital platforms. This role involves strategic planning, risk management, and the implementation of assurance measures to protect against technical vulnerabilities and ensure our digital initiatives meet regulatory requirements, industry standards, and organizational goals while providing a seamless and secure user experience.
Key responsibilities and accountabilities:
- Platform Assurance: Design and enforce assurance policies, procedures, and protocols across all digital platforms including VOD, radio, web, and TV. Oversee the implementation of security, performance, and resilience controls.
- Strategic Planning: Develop and implement a strategic assurance plan for the digital platforms, aligning with the company's overall objectives and goals.
- Risk Management: Identify, assess, and manage technical and security risks. Develop and maintain risk management policies and procedures.
- Security: Oversee the implementation of security measures to protect the platforms from cyber threats. Ensure ongoing monitoring and evaluation of security controls.
- Compliance: Ensure compliance with relevant regulatory requirements, industry standards, and internal policies. Stay updated on the latest regulations and security trends.
- Incident Response: Develop and manage an incident response plan for technical breaches. Lead the response to incidents including investigation, mitigation, and communication.
- Performance Optimization: Design and execute comprehensive load tests, monitor platform performance, and optimize content delivery. Implement real-time performance monitoring tools.
- User Experience Monitoring: Implement advanced real-time user experience monitoring tools. Analyze user behavior and identify pain points.
- Business Continuity: Maintain and test comprehensive Business Continuity Plans (BCP) for all critical systems. Conduct Business Impact Analysis and establish Recovery Time Objectives.
- Team Leadership: Build and lead a high-performing assurance team. Provide mentorship, guidance, and professional development opportunities to team members.
- Collaboration: Work closely with other departments including IT, legal, and product development to ensure assurance is integrated into all aspects of the digital platforms.
- Vendor Management: Oversee the selection and management of assurance vendors and service providers. Ensure third-party measures are in place and effective.
- Reporting: Provide regular reports to senior management on the status of the assurance program including risk assessments, incident responses, and compliance activities.
Skills
Technical Expertise:
- Cloud Platforms: Extensive experience with AWS, GCP, and Azure, including cloud security, architecture, and management.
- DevOps and SecDevOps: Strong understanding and experience in implementing DevOps and SecDevOps practices. Familiarity with CI/CD pipelines, automation tools, and infrastructure as code (IaC) using tools such as Jenkins, GitLab, Terraform, and Ansible.
- Containerization and Orchestration: Proficiency with Docker and Kubernetes for containerization and orchestration.
- Security Tools: Hands-on experience with security tools and technologies such as SIEM (e.g., Splunk, ELK Stack), vulnerability management (e.g., Tenable, Rapid7), WAF, DDoS protection (e.g., AWS Shield, Cloudflare), and endpoint security.
- Performance Monitoring: Proficient in using performance monitoring and APM tools such as Dynatrace, New Relic, or AppDynamics.
- Scripting and Automation: Strong scripting skills in languages such as Python, Bash, or PowerShell for automation and integration tasks.
- Data Analytics and Reporting: Experience with data analytics platforms like AWS Redshift, Azure Synapse, and reporting tools such as AWS QuickSight or PowerBI.
- Compliance and Governance: Familiarity with compliance standards and frameworks such as ISO 27001, NIST, GDPR, and CCPA. Experience in implementing governance frameworks for identity access management and data protection.
Qualifications:
- Education: Bachelor’s degree in Information Security, Computer Science, or a related field. A master’s degree or relevant certifications (CISSP, CISM, CISA) are preferred.
- Experience: At least 15 years of experience in information security or technical assurance with a minimum of 7 years in a leadership role. Experience in the digital entertainment or VOD industry is a plus.
Skills:
- In-depth knowledge of assurance frameworks, standards, and best practices (e.g., ISO 27001, NIST).
- Strong understanding of regulatory requirements (e.g., GDPR, CCPA).
- Proven ability to develop and implement strategic assurance plans.
- Excellent risk management and incident response skills.
- Strong leadership and team management abilities.
- Effective communication and interpersonal skills.
- Ability to work in a fast-paced, dynamic environment