Scopely is seeking a Sr. Manager, Security Risk Manager to join the Information Security team remotely in Dublin.
We care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues or through our deep connections with our communities of players.
We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily.
Key Responsibilities:
* Assess compliance with internal security controls to ensure adherence to company policies and standards.
* Oversee the periodic review and governance of security policies and standards documents, ensuring they are current, effective, and appropriately governed.
* Manage the entire lifecycle of security risks from identification and assessment through mitigation, monitoring, and reporting.
* Support the continuous improvement of security controls, aligning them with NIST and ISO security framework.
* Conduct internal risk assessments to identify and address potential security risks across the organization.
* Recommend proactive improvements and strategic initiatives to address emerging security risks.
* Identify opportunities to leverage automation and AI for streamlining risk assessments, audits, and reporting processes.
* Perform third-party business partner risk assessments using our internal security questionnaire, evaluating the security posture of partners and service providers.
* Facilitate risk-gathering sessions to maintain a comprehensive understanding of the risk landscape and update the risk register accordingly.
* Manage and respond to external assessments requested by consulting firms, insurance underwriters, licensors, and business relationships that require security and data privacy evaluations.
* Collaborate with our parent company's internal audit team, as needed, to support and align with broader security and compliance objectives.
* Document and report on findings from external assessments, providing actionable insights and recommendations to stakeholders.
* Maintain and update the risk register, ensuring it accurately reflects current risks, mitigation strategies, and status updates.
* Prepare regular reports for senior leadership on the status of security risks, compliance, and assessment outcomes.
* Develop and monitor key metrics related to security risk management, identifying trends and improvement areas.
Requirements:
* Bachelor's degree in Information Security, Computer Science, or a related field or equivalent experience.
* 6+ years of experience in security risk management, compliance, or related fields.
* Strong knowledge of NIST, ISO 27001/27002, and other security frameworks.
* Experience conducting internal and third-party risk assessments.
* Familiarity with maintaining a risk register and developing risk management reports for senior leadership.
* Strong project management skills, with the ability to oversee multiple assessments and manage competing priorities.
* Excellent communication and interpersonal skills to collaborate effectively with internal and external stakeholders.
* Strong ability to communicate complex security topics to both technical and non-technical stakeholders.
* Security certifications such as CISSP, CISM, CRISC, or similar are highly preferred.
* Proven experience with security audits and compliance reviews.
* Experience in the gaming or tech industry is a plus.
* Proficient in risk management software and GRC tools.
We create games for everyone - and want to ensure that the people behind our games reflect that We are committed to creating a diverse, supportive work environment where everyone is treated with respect.
We are committed to providing equal employment opportunities and welcome individuals from all backgrounds to join us & embrace the adventure
Scopely is a global interactive entertainment and mobile-first video game company, home to many top, award-winning experiences such as