DescriptionScopely is looking for a Sr. Manager, Security Risk Manager to join the Information Security team remotely in Europe!At Scopely, we care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues or through our deep connections with our communities of players.We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily. What You Will DoAssess compliance with internal security controls to ensure adherence to company policies and standardsOversee the periodic review and governance of security policies and standards documents, ensuring they are current, effective, and appropriately governedManage the entire lifecycle of security risks from identification and assessment through mitigation, monitoring, and reportingSupport the continuous improvement of security controls, aligning them with NIST and ISO security frameworkConduct internal risk assessments to identify and address potential security risks across the organizationRecommend proactive improvements and strategic initiatives to address emerging security risksIdentify opportunities to leverage automation and AI for streamlining risk assessments, audits, and reporting processesPerform third-party business partner risk assessments using our internal security questionnaire, evaluating the security posture of partners and service providersFacilitate risk-gathering sessions to maintain a comprehensive understanding of the risk landscape and update the risk register accordinglyManage and respond to external assessments requested by consulting firms, insurance underwriters, licensors, and business relationships that require security and data privacy evaluationsCollaborate with our parent company's internal audit team, as needed, to support and align with broader security and compliance objectivesDocument and report on findings from external assessments, providing actionable insights and recommendations to stakeholdersMaintain and update the risk register, ensuring it accurately reflects current risks, mitigation strategies, and status updatesPrepare regular reports for senior leadership on the status of security risks, compliance, and assessment outcomesDevelop and monitor key metrics related to security risk management, identifying trends and improvement areasWhat We're Looking ForBachelor's degree in Information Security, Computer Science, or a related field or equivalent experience6+ years of experience in security risk management, compliance, or related fields.Strong knowledge of NIST, ISO 27001 / 27002, and other security frameworks.Experience conducting internal and third-party risk assessments.Familiarity with maintaining a risk register and developing risk management reports for senior leadership.Strong project management skills, with the ability to oversee multiple assessments and manage competing priorities.Excellent communication and interpersonal skills to collaborate effectively with internal and external stakeholders.Strong ability to communicate complex security topics to both technical and non-technical stakeholdersSecurity certifications such as CISSP, CISM, CRISC, or similar are highly preferred.Proven experience with security audits and compliance reviews.Experience in the gaming or tech industry is a plus.Proficient in risk management software and GRC tools.
#J-18808-Ljbffr