This senior-level Expert Engineer role focuses on Governance, Risk, and Compliance (GRC) within the company, requiring strong technical expertise to identify, assess, and mitigate risks, and ensure compliance with information security standards. The role involves guiding the implementation and maintenance of technical controls, tools, and processes for security governance. Key responsibilities include developing and maintaining the GRC platform, driving integration strategies, providing expert guidance on GRC technical matters, establishing standardized workflows, and performing technical risk assessments.

Must Have

• Technical development, implementation, and maintenance of the GRC platform.
• Drive integration strategies between GRC platforms and enterprise systems.
• Provide expert guidance on GRC technical matters to senior leadership.
• Establish standardized workflows for risk assessments, exception handling, and remediation tracking.
• Develop and implement compliance monitoring and reporting mechanisms.
• Perform technical risk assessments of cloud environments and application security.
• Oversee issue management processes for audit findings, risk mitigation, and compliance gaps.
• Participate in the administration of GRC tools and AI-agents.
• 10+ years of experience in information security governance, risk management, compliance, and/or security engineering.
• Deep knowledge of GRC and compliance frameworks (NIST 800-53, CSF, CIS Controls, CSA CCM).
• Ability to translate controls into technical system configurations.
• Proficiency in scripting languages (Python, PowerShell, Bash).
• Familiarity with GRC tools (ServiceNow GRC, Archer, AuditBoard).

Good to Have

• Understanding of technical GRC architectures, log flows, APIs, and pipelines.
• Strong knowledge of cloud platforms (AWS, Azure, GCP) and their security services.
• Experience with building dashboards and alerts for compliance monitoring.
• Knowledge of GRC AI-agent development and governance.
• Awareness of new upcoming cybersecurity compliance regulations.
• Relevant GRC and compliance certifications (CISA/CISM, CRISC, Cloud security certifications).

Perks & Benefits

• Medical, dental, vision insurance
• Health savings account or health reimbursement account
• Healthcare spending accounts
• Dependent care spending accounts
• Life and AD&D insurance
• Disability insurance
• 401(k) with Company match
• Tuition reimbursement
• Charitable donation matching
• Paid holidays and vacation
• Paid sick time
• Floating holidays
• Compassion and bereavement leaves
• Parental leave
• Mental health & wellbeing programs
• Fitness programs
• Free and discounted games
• Supplemental life & disability
• Legal service
• ID protection
• Rental insurance
• Relocation assistance (if required to move)

Your Platform

Founded in 1979, the company has continuously disrupted the world of entertainment as a leader in the videogame industry. With a history of delivering iconic game changers -- like Pitfall®, Tony Hawk®, Guitar Hero®, Crash Bandicoot™, Skylanders™ and Call of Duty® -- our obsession is delighting our players around the globe.

Focused and committed to innovation, we consistently deliver the most beloved, engaging and successful entertainment.

And while we have world-class franchises, infrastructure and resources, our success comes from a passionate, talented and diverse team of people producing greatness together. So, if you're interested in our biggest priority, it's our people.

We're currently driving the next era for our company and community by creating amazing experiences for fans and continuing to make it an inclusive place where everyone can thrive.

Join us, make history.

Your Mission

This position is a senior-level role focused on Governance, Risk, and Compliance (GRC), requiring a blend of strong technical expertise and GRC knowledge to identify, assess, and mitigate risks while ensuring compliance with information security standards.

The Technical GRC Engineer will be responsible for guiding implementation and maintenance of technical controls, tools, and processes that support the organization's security governance and compliance objectives. This role bridges the gap between security engineering and GRC by ensuring that compliance requirements are translated into actionable technical solutions and can be monitored effectively. This individual will work with the Information Security, Application Development, Legal, IT, and other business teams to:

Key Responsibilities

• Play a critical role in the technical development, implementation, and maintenance of the GRC platform.
• Drive integration strategies between GRC platforms and enterprise systems to enable automated data sharing and reporting.
• Provide expert guidance and leadership on GRC technical matters to senior leadership and business stakeholders.
• Establish standardized workflows for risk assessments, exception handling, and remediation tracking to ensure consistency and accountability.
• Develop and implement compliance monitoring and reporting mechanisms in the GRC platform
• Perform technical risk assessments as part of security exceptions to identify gaps and engage with the business to understand control environments and mitigation strategies.
• Oversee issue management processes for audit findings, risk mitigation, and compliance gaps, ensuring timely resolution.
• Provide expert guidance on GRC architectures and AI -agent development.
• Participate in the administration of GRC tools and AI -agents.

Player Profile

• Technical GRC engineering capabilities.
• Deep knowledge of leading practice GRC and compliance frameworks such as NIST 800-53 and CSF, CIS Controls, Cloud Security Alliance (CSA) CCM, etc.
• Ability to translate controls into technical system configurations and implement security controls within cloud and on-prem environments.
• Direct experience in performing technical assessments of cloud environments and application security, within the context of risk management and compliance.
• Understanding of technical GRC architectures, log flows, APis, and pipelines.
• Strong knowledge of cloud platforms (AWS, Azure, GCP) and their security services.
• Proficiency in scripting languages (Python, PowerShell, Bash) for automation and experience with building and maintaining integrations between GRC platforms and downstream/upstream systems to facilitate risk management workflows.
• Strong familiarity with GRC tools (e.g., ServiceNow GRC, Archer, AuditBoard, etc.).
• Experience with building dashboards and alerts for compliance monitoring.
• Knowledge of GRC AI-agent development and governance.
• Awareness of new upcoming cybersecurity compliance regulations and related requirements.
• Relevant GRC and compliance certifications including Certified Information Systems Auditor/ Manager (CISA/CISM), CRISC, Cloud security certifications (AWS, Azure, GCP).

Minimum Requirements

• Bachelor's degree or equivalent work experience.
• 10+ years of direct experience in information security governance, risk management, compliance and/or security engineering.
• Excellent oral/written communication, problem solving and analytical skills.
• Ability to work independently and as part of a team to achieve desired objectives and project results.
• Ability to interface effectively and decisively with all levels of management, departments, business units across global time zones and outside vendors.
• Ability to consistently provide proactive communications and status to management and project teams.
• A desire to participate in creating the workplace you want to be a part of.
• We work hard and work responsibly. Personal accountability goes a long way. We believe we are the change.

Our World

One of the world's largest and most successful interactive entertainment companies and is at the intersection of media, technology and entertainment. We are home to some of the most beloved entertainment franchises including Call of Duty®, World of Warcraft®, Overwatch®, Diablo®, Candy Crush™ and Bubble Witch™. Our combined entertainment network delights hundreds of millions of monthly active users in 196 countries, making us the largest gaming network on the planet!

Our ability to build immersive and innovative worlds is only enhanced by diverse teams working in an inclusive environment. We aspire to have a culture where everyone can thrive in order to connect and engage the world through epic entertainment. We provide a suite of benefits that promote physical, emotional and financial well-being for ‘Every World’ - we’ve got our employees covered!

The videogame industry and therefore our business is fast-paced and will continue to evolve. As such, the duties and responsibilities of this role may be changed as directed by the Company at any time to promote and support our business and relationships with industry partners.

We love hearing from anyone who is enthusiastic about changing the games industry. Not sure you meet all qualifications? Let us decide! Research shows that women and members of other under-represented groups tend to not apply to jobs when they think they may not meet every qualification, when, in fact, they often do! We are committed to creating a diverse and inclusive environment and strongly encourage you to apply.

We are committed to working with and providing reasonable assistance to individuals with physical and mental disabilities. If you are a disabled individual requiring an accommodation to apply for an open position, please email your request to accommodationrequests@activisionblizzard.com. General employment questions cannot be accepted or processed here. Thank you for your interest.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, gender identity, age, marital status, veteran status, or disability status, among other characteristics.

Rewards

We provide a suite of benefits that promote physical, emotional and financial well-being for ‘Every World’ - we’ve got our employees covered! Subject to eligibility requirements, the Company offers comprehensive benefits including:

• Medical, dental, vision, health savings account or health reimbursement account, healthcare spending accounts, dependent care spending accounts, life and AD&D insurance, disability insurance;
• 401(k) with Company match, tuition reimbursement, charitable donation matching;
• Paid holidays and vacation, paid sick time, floating holidays, compassion and bereavement leaves, parental leave;
• Mental health & wellbeing programs, fitness programs, free and discounted games, and a variety of other voluntary benefit programs like supplemental life & disability, legal service, ID protection, rental insurance, and others;
• If the Company requires that you move geographic locations for the job, then you may also be eligible for relocation assistance.

Eligibility to participate in these benefits may vary for part time and temporary full-time employees and interns with the Company. You can learn more by visiting https://www.benefitsforeveryworld.com/.

In the U.S., the standard base pay range for this role is $121,500.00 - $224,880.00 Annual. These values reflect the expected base pay range of new hires across all U.S. locations. Ultimately, your specific range and offer will be based on several factors, including relevant experience, performance, and work location. Your Talent Professional can share this role’s range details for your local geography during the hiring process. In addition to a competitive base pay, employees in this role may be eligible for incentive compensation. Incentive compensation is not guaranteed. While we strive to provide competitive offers to successful candidates, new hire compensation is negotiable.