Creative Artists Agency
Sr. Manager, Technology Governance & Risk Management
Creative Artists Agency, Nashville, Tennessee, United States, 37247
Job Description
Who We Are
Creative Artists Agency (CAA) is the leading entertainment and sports agency, with global expertise in filmed and live entertainment, digital media, publishing, sponsorship sales and endorsements, media finance, consumer investing, fashion, trademark licensing, and philanthropy. Distinguished by its culture of collaboration and exceptional client service, CAA’s diverse workforce identifies, innovates, and amplifies opportunities for the people and organizations that shape culture and inspire the world. The trailblazer of the agency business, CAA was the first to build a sports business, create an investment bank, launch a venture fund, found technology start‑up companies, establish a philanthropic arm, build a business in China, and form a brand marketing services division, among other innovations. Named Most Valuable Sports Agency by Forbes for eight consecutive years, CAA represents more than 2,000 of the world’s top athletes in football, baseball, basketball, hockey, soccer, and additional coaches, on‑air broadcasters, and sports personalities. CAA works in the areas of broadcast rights, corporate marketing initiatives, social impact, and sports properties for sales and sponsorship opportunities.
Founded in 1975, CAA is headquartered in Los Angeles and has offices in New York, Nashville, Memphis, Chicago, Miami, London, Munich, Geneva, Stockholm, Shanghai, and Beijing, among other locations globally.
The Role A Senior Manager, Technology Governance and Risk Management at CAA will set the strategic governance and risk management framework to ensure our organization’s technology operations adhere to defined internal policies, standards, industry best practices, and regulatory/legal requirements while proactively identifying and managing technology‑related risks. The role is responsible for ensuring CAA Technology and Data adheres to the IT General Controls and Sarbanes‑Oxley requirements, and will own, drive and assist in the evolution of the organization’s Technology Governance and Risk Management framework/strategy, including methodology, tools for risk assessment, issue management, monitoring, and reporting.
Key responsibilities include providing leadership, execution, and management to identify, evaluate, mitigate, and manage risk; challenging and enhancing the existing risk management strategy; and engaging with all CAA Tech and Data teams to support risk management matters, communications, training, and awareness. The role will also maintain compliance with government and industry regulations, oversee audits, coordinate disaster recovery planning, and collaborate with legal, compliance, and safety teams across the enterprise.
Responsibilities
Assemble and evolve the Technology Governance Framework, ensuring alignment with regulatory requirements (e.g., SOX) and industry best practices (e.g., COBIT, ITIL).
Develop, implement, and maintain risk‑related policies and standards (GDPR, CDPA, etc.) and communicate them across the organization.
Provide guidance on Tech policies, standards, and processes to ensure risk controls align with best‑practice frameworks.
Monitor and assess IT compliance with relevant regulations and defined policies.
Conduct risk assessments and develop mitigation strategies for IT‑related risks.
Coordinate with technology domain leads to manage CAA’s controls testing program and align with compliance, risk, and governance requirements.
Manage IT audits and ensure timely remediation of audit findings.
Implement and manage relevant tools/systems for the global Technology organization to support compliance and risk management.
Provide training and awareness programs on IT governance and compliance topics.
Stay updated on emerging IT governance trends and best practices.
Report on IT governance performance, Key Risk Indicators (KRIs), compliance KPIs, and program maturity to senior management.
Coordinate disaster recovery planning and activities across technology departments, partnering with CAA Global Safety & Security for companywide business continuity planning.
Collaborate with legal and compliance teams to ensure adherence to relevant laws, regulations, and industry standards.
Qualifications
Experience and knowledge of Technology Governance industry standards (NIST, ITIL, COBIT, SOX).
Proven experience in Technology governance, risk management, or compliance roles, preferably in a corporate setting.
Strong knowledge of regulatory frameworks, industry standards, and best practices related to Technology Governance.
Experience in Risk and Governance Platforms (OneTrust, Workiva, etc.).
Requirements
Bachelor’s degree in Information Technology, Computer Science, or a related field.
8+ years of relevant experience, specifically in performance/risk measurement; direct experience in Technology Risk Management preferred.
Excellent problem‑solving and self‑management skills for tactical and analytical problem resolution.
Experience and current knowledge of Information Security, business continuity, data management, security and encryption, vulnerability analysis, and audit.
Experience working with orchestration platforms (ServiceNow, Jira).
Ability to manage multiple projects; self‑sufficient, responsible, and dependable.
Project management skills and methodical, organized approach.
Excellent analytical skills.
Location This is a hybrid role that may be based in our New York or Nashville office.
Compensation The annual base salary for this position is in the range of $180,000 – $200,000. This position is also eligible for benefits and a discretionary bonus. Salary may vary based on experience, time in the role, business sector, and geographic location. Please speak with a CAA Recruiter to learn more.
Creative Artists Agency, LLC (the “Company”) is committed to a policy of Equal Employment Opportunity and will not discriminate on the basis of race (including hair texture and protective hairstyles), color, religion, creed, gender or sex (including pregnancy, childbirth, breastfeeding or related medical conditions), national origin, ancestry, age, physical disability, mental disability, medical condition, genetic information, family and medical care leave status, military or veteran status, marital status, family status, sexual orientation, gender identity, gender expression, political affiliation, or any other characteristic protected by applicable law. The absence of a permanent address is not a bar to employment. The Company does not discriminate against individuals based on housing status, including the absence of a fixed address. The Company also complies with the Americans with Disabilities Act and applicable state and local laws with regard to providing reasonable accommodation for qualified individuals with disabilities. CAA does not accept unsolicited resumes from third-party recruiters unless they were contractually engaged by CAA to provide candidates for a specified opening. Any such employment agency, person, or entity that submits an unsolicited resume does so with the acknowledgement and agreement that CAA will have the right to hire that applicant at its discretion without any fee owed to the submitting employment agency, person, or entity.
#J-18808-Ljbffr
Founded in 1975, CAA is headquartered in Los Angeles and has offices in New York, Nashville, Memphis, Chicago, Miami, London, Munich, Geneva, Stockholm, Shanghai, and Beijing, among other locations globally.
The Role A Senior Manager, Technology Governance and Risk Management at CAA will set the strategic governance and risk management framework to ensure our organization’s technology operations adhere to defined internal policies, standards, industry best practices, and regulatory/legal requirements while proactively identifying and managing technology‑related risks. The role is responsible for ensuring CAA Technology and Data adheres to the IT General Controls and Sarbanes‑Oxley requirements, and will own, drive and assist in the evolution of the organization’s Technology Governance and Risk Management framework/strategy, including methodology, tools for risk assessment, issue management, monitoring, and reporting.
Key responsibilities include providing leadership, execution, and management to identify, evaluate, mitigate, and manage risk; challenging and enhancing the existing risk management strategy; and engaging with all CAA Tech and Data teams to support risk management matters, communications, training, and awareness. The role will also maintain compliance with government and industry regulations, oversee audits, coordinate disaster recovery planning, and collaborate with legal, compliance, and safety teams across the enterprise.
Responsibilities
Assemble and evolve the Technology Governance Framework, ensuring alignment with regulatory requirements (e.g., SOX) and industry best practices (e.g., COBIT, ITIL).
Develop, implement, and maintain risk‑related policies and standards (GDPR, CDPA, etc.) and communicate them across the organization.
Provide guidance on Tech policies, standards, and processes to ensure risk controls align with best‑practice frameworks.
Monitor and assess IT compliance with relevant regulations and defined policies.
Conduct risk assessments and develop mitigation strategies for IT‑related risks.
Coordinate with technology domain leads to manage CAA’s controls testing program and align with compliance, risk, and governance requirements.
Manage IT audits and ensure timely remediation of audit findings.
Implement and manage relevant tools/systems for the global Technology organization to support compliance and risk management.
Provide training and awareness programs on IT governance and compliance topics.
Stay updated on emerging IT governance trends and best practices.
Report on IT governance performance, Key Risk Indicators (KRIs), compliance KPIs, and program maturity to senior management.
Coordinate disaster recovery planning and activities across technology departments, partnering with CAA Global Safety & Security for companywide business continuity planning.
Collaborate with legal and compliance teams to ensure adherence to relevant laws, regulations, and industry standards.
Qualifications
Experience and knowledge of Technology Governance industry standards (NIST, ITIL, COBIT, SOX).
Proven experience in Technology governance, risk management, or compliance roles, preferably in a corporate setting.
Strong knowledge of regulatory frameworks, industry standards, and best practices related to Technology Governance.
Experience in Risk and Governance Platforms (OneTrust, Workiva, etc.).
Requirements
Bachelor’s degree in Information Technology, Computer Science, or a related field.
8+ years of relevant experience, specifically in performance/risk measurement; direct experience in Technology Risk Management preferred.
Excellent problem‑solving and self‑management skills for tactical and analytical problem resolution.
Experience and current knowledge of Information Security, business continuity, data management, security and encryption, vulnerability analysis, and audit.
Experience working with orchestration platforms (ServiceNow, Jira).
Ability to manage multiple projects; self‑sufficient, responsible, and dependable.
Project management skills and methodical, organized approach.
Excellent analytical skills.
Location This is a hybrid role that may be based in our New York or Nashville office.
Compensation The annual base salary for this position is in the range of $180,000 – $200,000. This position is also eligible for benefits and a discretionary bonus. Salary may vary based on experience, time in the role, business sector, and geographic location. Please speak with a CAA Recruiter to learn more.
Creative Artists Agency, LLC (the “Company”) is committed to a policy of Equal Employment Opportunity and will not discriminate on the basis of race (including hair texture and protective hairstyles), color, religion, creed, gender or sex (including pregnancy, childbirth, breastfeeding or related medical conditions), national origin, ancestry, age, physical disability, mental disability, medical condition, genetic information, family and medical care leave status, military or veteran status, marital status, family status, sexual orientation, gender identity, gender expression, political affiliation, or any other characteristic protected by applicable law. The absence of a permanent address is not a bar to employment. The Company does not discriminate against individuals based on housing status, including the absence of a fixed address. The Company also complies with the Americans with Disabilities Act and applicable state and local laws with regard to providing reasonable accommodation for qualified individuals with disabilities. CAA does not accept unsolicited resumes from third-party recruiters unless they were contractually engaged by CAA to provide candidates for a specified opening. Any such employment agency, person, or entity that submits an unsolicited resume does so with the acknowledgement and agreement that CAA will have the right to hire that applicant at its discretion without any fee owed to the submitting employment agency, person, or entity.
#J-18808-Ljbffr