Data Privacy & Compliance Analyst III - Information Security, Risk & Review
The role of an Enterprise Risk analyst is to communicate risk processes. They provide hands-on development of risk models involving all categories of risk which include Compliance, Security, Financial, Strategic, Operational, and Legal risk to name a few. The purpose of this Enterprise Risk position is to identify these risks across those categories and work with the departments across Riot; to document the risks; discuss mitigation strategies with management; and report results to the executive leadership team.
As a Data Privacy & Compliance Analyst focusing on Enterprise Risk, you will help with the innovation, governance, and direction necessary to identify and evaluate the risks across Riot. You will develop Enterprise Risk Management tools and practices to report enterprise risks, and to manage risks according to an enterprise risk management framework. You will help ensure our risk management policies and strategies comply with applicable regulations, standards, and strategic goals at Riot. They will monitor risk management activities of the organization, and analyze risks within our teams and report on these risks to the Leadership and the Enterprise Risk Committee.
- Design, and support an overall risk management process for our organization, which includes an analysis of the impacts on our organization when risks occur
- Contribute to the creation of a comprehensive inventory of risks and controls for Riot and work with partners to ensure appropriate controls are designed
- Help with the risk assessment process associated with strategic decisions and new risks across the enterprise to ensure enterprise risks are monitored as conditions change. Develop associated policies and processes.
- Work hands-on with teams in legal, engineering, finance, operations and partnering with product managers, engineers, data analysts, operations analysts in assessing processes, risks and controls while creating solutions across multiple technologies.
- Collect and analyze relevant metrics across the organization to identify important risks and trends and evaluate and improve program effectiveness.
- Continually learn about the regulations applicable to Riot along with risk management frameworks, standards and trends.
- Will assist with third-party due diligence and risk-based testing and monitoring for real-time identification of issues
- Solid experience developing new risk management programs, frameworks, or processes from the ground up
- Knowledge of risk models, and the development of risk dashboards and associated metrics to identify and measure organization risks and present applicable conclusions to executive management
- Experience with the program management in risk including reporting, creation and analysis of risk metrics
- 10+ years of risk management experience in Compliance, Legal, Audit, and Information Security and Information Technology field or other similar risk consulting or internal controls function.
- Experience with Enterprise, IT / Technology environments, Information Security, Privacy, and threat and vulnerability management
- Highly developed written and oral communication skills with the ability to inspire employees at every level to embrace risk and compliance programs
- RIMS-CRMP, PRM, CRM, CRISC, CISA, CISM, CIA or other related certifications
- experience working on regulatory compliance programs such as PCI-DSS, SOX, SSAE 18, Privacy or HIPAA
- Bachelor's or advanced degree in Information Technology, Law, Accounting, Finance, or a related field
- Expert program management skills - planning, status reporting, project risk identification and mitigation
- experience formulating and organizing inter-related projects
- establish strategies for each project
- Coordinate cross-project activities, artifacts, rituals, KPI's
- Experience with Governance, Risk & Compliance (GRC) platform
We offer medical, dental, and vision plans that cover you, your spouse/domestic partner, and children. Life insurance, parental leave, plus short-term and long-term disability coverage are also available. Riot will support your retirement benefits with a company match, and double down on your donations of time and money to non-profit charitable organizations. Balance between work and personal life is encouraged with open paid time off, and a play fund so you can broaden and deepen your personal relationship with games.
It’s our policy to provide equal employment opportunity for all applicants and members of Riot Games, Inc. Riot Games makes reasonable accommodations for handicapped and disabled Rioters and does not unlawfully discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, handicap, veteran status, marital status, criminal history, or any other category protected by applicable federal and state law, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance relating to an applicant's criminal history (LAMC 189.00).