CBS Corporation Jobs

Job Information

CBS Corporation Information Security Analyst in New York, New York

Information Security Analyst

REF#: 33640


JOB TYPE: Full-Time Staff




CBS Corporation (NYSE: CBS.A and CBS) is a mass media company that creates and distributes industry-leading content across a variety of platforms to audiences around the world. The Company has businesses with origins that date back to the dawn of the broadcasting age as well as new ventures that operate on the leading edge of media. CBS owns the most-watched television network in the U.S. and one of the world’s largest libraries of entertainment content, making its brand — "the Eye" — one of the most recognized in business. The Company’s operations span virtually every field of media and entertainment, including cable, publishing, local TV, film and interactive. CBS’ businesses include CBS Television Network, The CW (a joint venture between CBS Corporation and Warner Bros. Entertainment), Network 10 Australia, CBS Television Studios, CBS Global Distribution Group, CBS Consumer Products, CBS Home Entertainment, CBS Interactive, CBS Sports Network, CBS Films, Showtime Networks, Pop, Smithsonian Networks, Simon & Schuster, CBS Television Stations and CBS Experiences.


CBS is seeking a Risk Analyst to join its Information Security Group. The position will be member of the Risk Management team, addressing the responsibilities below:


  • Perform vendor reviews in accordance with widely accepted security standards (e.g., ISO 27002, NIST, Shared Assessments etc.)

  • Help manage the roll out of a formal vendor risk assessment process to all impacted CBS business units

  • Help support management of security policy, standards and best practices development and maintenance

  • Support the policy exception process, identify rationale, risks and compensating controls

  • Develop and maintain metrics for the policy exception process

  • Facilitate maintenance and administration of the vendor assessment platform that supports the vendor assessment process

  • Develop and maintain metrics and KPIs for the vendor assessment process

  • Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest security risks, threats, and technology trends and incorporate information into processes, procedures, and audit preparedness activities

  • Perform other job-related duties as assigned



  • 2+ years of experience performing risk assessments of cloud/vendor hosted solutions

  • Significant understanding of the widely accepted security standards (e.g., ISO 27002, NIST, Shared Assessments etc.)

  • Experience in supporting management of vulnerability and/or risk remediation

  • Experience in supporting policy development and maintenance

  • Strong knowledge of information security across all domains and at least four years of information security experience

  • Experience with Archer or another industry standard vendor risk assessment solution

  • A demonstrable passion for the field of information security

  • Advanced communication skills (both verbal and written).

  • Ability to communicate technology issues to both technical and leadership personnel and negotiate to a mutually beneficial conclusion

  • Ability to multi-task, prioritize work and work independently

  • Process-oriented mindset

  • Able to successfully prioritize and manage to completion multiple complex tasks and deliverables, and demonstrate the highest degree of integrity and accountability in all actions

  • Bachelor’s degree in a related field

  • One or more of CISSP, GSEC, CISA, CISM, CRISC certifications strongly preferred but equivalent knowledge will be considered





Equal Opportunity Employer Minorities/Women/Veterans/Disabled