ABOUT FANDUEL GROUP
FanDuel Group is a world-class team of brands & products all built with one goal in mind to give fans new & innovative ways to interact with their favorite games, sports, teams, & leagues. Thats no easy task, which is why were so dedicated to building a winning team. And make no mistake, we are here to win, but we believe in winning right. That means well never compromise when it comes to looking out for our teammates. From our many opportunities for professional development to our generous insurance & paid leave policies, were committed to making sure our employees get as much out of FanDuel as we ask them to give.
FanDuel Group is based in New York, with offices in California, New Jersey, Florida, Oregon & Scotland. Our brands include:
- FanDuel A game-changing real-money fantasy sports app
- FanDuel Sportsbook Americas #1 sports betting app
- TVG The best-in-class horse racing TV/media network & betting platform
- FanDuel Racing A horse racing app built for the average sports fan
- FanDuel Casino & Betfair Casino Fan-favorite online casino apps
- FOXBet A world-class betting platform & affiliate of FanDuel Group
- PokerStars The premier online poker product & affiliate of FanDuel Group
Our roster has an opening with your name on it
We are looking for a Cybersecurity Governance Analyst in the Information Security Governance, Risk, & Compliance (GRC) team. The Cybersecurity Governance Analyst will assist in identifying, developing, implementing, & maintaining policies & standards across the enterprise to reduce information security & information technology (IT) risks.
THE GAME PLAN
Everyone on our team has a part to play
- Define, publish, & maintain Information Security policies, standards & guidelines.
- Partner with the enterprise Engineering team & other key IT leaders to create, publish, & continuously improve the information security architecture for the enterprise.
- Align Information Security processes with Cyber Security Framework such as ISO 27001, PCI, NIST, GLI-33 & SCF.
- Drive Security Awareness efforts throughout the organization
- Assist with implementing information security program & security control assessment strategy.
- Provide guidance on security controls involving password & access management, segregation of duties, logging & monitoring, data encryption, data backup & recovery, disaster recovery, business continuity management, etc.
- Review compliance with the information security policy & standards.
- Provide periodic reporting on information security issues & gaps for compliance with the enterprise information security policies, standards, & procedures among employees, contractors, alliances, & other third parties.
- Coordinate the execution of security governance & assessment control initiatives.
- Provide high quality work by ensuring accuracy & seeking to continuously improve information security processes by embracing new & better ways of doing things.
- Investigate, recommend, & follow up appropriate corrective actions for identified security deficiencies & policy exceptions.
- Identify security risks to the business units & ensure appropriate data security procedures are in alignment with policies.
- Act as a liaison to the business & IT groups & assist them in the implementation of data security, compliance requirements, & information security technologies.
- Assist projects as needed by business & provide guidance/training to less experienced staff within the GRC team.
What were looking for in our next teammate
- 3+ years of documenting Information Security Governance documentation, technical experience in the security aspects of multiple platforms, operating systems, software, communications & network protocols or an equivalent combination of education & work experience.
- Minimum of 3 years of Risk Management, Information Security, IT Auditing or equivalent experience
- Demonstrate a strong understanding of the Information Security, IT environment & its impact on business risk.
- Strong understanding of SCF, NIST & ISO control framework.
- Strong interpersonal skills with the ability to work effectively in a matrixed organization.
- Strong project management skills, technical writing & presentation skills
- Ability to rapidly learn & apply advanced & emerging technical security principles, theories, & concepts.
- Ability to work under pressure with a positive mindset
- Strong knowledge of cloud security concepts & Devsecops practices
- Exceptional analytical ability, communication & project management skills, & the ability to work effectively with all levels within the organization, IT management & staff, vendors, & consultants.
- Strengthen relationships with cross functional teams to promote collaboration & cohesiveness.
- Easily adapt to a rapidly evolving, faced paced, cyber security environment as it relates to changes in strategy or risk.
- Public Cloud experience preferred.
- Experience with using GRC platforms
- Demonstrate ability to develop a strategy, & design & execute on the associated plan.
- Strong organizational skills & attention to detail.
- Bachelors degree or at least minimum of 3 years of Technical Risk Management, Information Security, IT Auditing or equivalent experience preferred
- Certifications preferred (CISA, CRISC, CGEIT, CISM, CISSP, CCSK, CCSP, PCI, etc.)
We treat our team right
Competitive compensation is just the beginning. As part of our team, you can expect:
- An exciting & fun environment committed to driving real growth
- Opportunities to build really cool products that fans love
- Mentorship & professional development resources to help you refine your game
- Flexible vacation allowance to let you refuel
- Hall of Fame benefit programs & platforms
FanDuel Group is an equal opportunities employer. Diversity & inclusion in FanDuel means that we respect & value everyone as individuals. We don't tolerate bias, judgement or harassment. Our focus is on developing employees so that they reach their full potential.