GRC Lead

3 Months ago β€’ 3 Years + β€’ Cyber Security

Job Summary

Job Description

The GRC Lead at Fortis Games will build, manage, and track end-to-end processes for vulnerability management, cyber data governance, risk verification, cyber awareness training, and cyber policy development. Responsibilities include developing and managing programs across these disciplines, performing risk assessments, creating and delivering training, and maintaining IT and InfoSec policies and procedures. The role involves liaising with auditors and reporting metrics to leadership. This position requires strong communication skills and experience with relevant security frameworks like NIST 800-53 and ISO 27001.
Must have:
  • 3+ years Cyber Security experience
  • 1+ year IT experience
  • 1+ year OneTrust (or similar) experience
  • Vulnerability Management expertise
  • Risk assessment and management
  • Cyber awareness training development
  • Policy/SOP creation & maintenance
  • Excellent communication skills
Good to have:
  • Experience with Third-party risk management
  • Knowledge of SOC 1 and 2 reports
  • Familiarity with GDPR and SOX Compliance
Perks:
  • Opportunity to significantly impact a growing company
  • Work with a seasoned team of industry veterans
  • Contribute to a company culture focused on diversity, inclusivity, and growth
  • Build and grow within a thriving gaming community

Job Details

Who we are

At Fortis Games we aspire to make great games that bring people together while redefining how game companies work. We believe in building a sense of belonging through our games, their communities, and how we operate and treat each other. Through our game communities, we will create powerful connections and lasting memories. We will foster a culture of diversity, equity and belonging where together our diverse skills, experiences and backgrounds impact the games we make.

We are an early but mighty organization with a leadership team of game industry veterans. There are many opportunities for you to have a big impact on the products we'll be making as well as the overall direction of the company. If you're passionate about tackling difficult problems with direct and thoughtful communication and team first mentality, we may be the right place for you.

About the role

Fortis Games is hiring for a GRC Lead to help build, manage, execute, and track the end to end processes in the following areas:  vulnerability management, cyber data governance, risk and verification, cyber awareness and training, and cyber policy/standards/standard operating procedures development. This role will focus on delivering on our IT and InfoSec portfolios to service our company.

What you will do

  • Develop the program(s) to support the governance of our IT and InfoSec Risk and Compliance programs in the following disciplines:
    • Vulnerability management which includes tracking the triage and remediation of scans of the Fortis computing environment for secure configurations and vulnerabilities as well as tracking and performing the exception processes
    • Cyber governance, risk and verification which performs risk assessments, system security and industrial control system zone security plans including listing controls, gaps in implemented controls and tracking remediation of gaps, and provides input to the risk register
    • Third party risk management including risk assessment of vendors and or applications. Identify risks and create treatment plans for the assessment.
    • Cyber security awareness and training which includes creating and delivering cyber awareness training based on role and rank within the organization, and arranging and tracking cyber team member information security training and role progression. Conducts Simulated Phishing campaigns quarterly for all Fortis team members.
    • Cyber & IT policy/standard and standard operating procedure creation, review, distribution, and maintenance
    • Collection and reporting of metrics to IT and InfoSec Leadership
  • Act as a liaison for all audits of our controls, best practices, and standards.

What you will need to be successful 

  • 3 years of experience in a Cyber Security role
  • 1+ years of experience of related field work in an Information Technology role
  • 1+ years of experience using OneTrust (or similar) platform
  • Demonstrated management experience in at least one area in the following list:
    • Cyber Vulnerability Management
    • Cyber Governance and Risk
    • Cyber Awareness and Training
    • Cyber Policy/Standard/Standard Operating Procedures
  • Working knowledge of threats and vulnerabilities and their significance to cyber risk
  • Working knowledge of NIST 800-53, ISO 27001, CIS Benchmarks, SOX Compliance, GDPR, and familiarity with SOC 1 and 2 reports.
  • Excellent verbal and written communication skills are crucial for conveying technical information to non-technical stakeholders, facilitating meetings, and maintaining effective communication within distributed global teams.
  • Experience working with internal and external partners and vendors to achieve goals on aggressive timelines
  • Self motivated and proactive with demonstrated creative and critical thinking skills
  • Comfortable with ambiguity

Why join us

There are many reasons to join us, but here are a few:

  • We strongly believe we are changing how games studios operate and at the core of what we do is making great games that create a connected community
  • We're not just about making Games Where You Belong. We're also about building communities where our people belong. That's why Fortis is a thriving environment that celebrates diversity, embraces inclusivity, and fosters growth.
  • Build and grow with a seasoned team of accomplished talent who have left an impactful mark in their disciplines, both in and out of gaming

Fortis is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, protected veteran status, or any other basis protected by applicable law, and will not be discriminated against on the basis of disability.

Similar Jobs

Fluence - Risk & Lessons Learned Manager (m/f/d)

Fluence

Berlin, Berlin, Germany (Hybrid)
β€’ 3 Months ago
The Walt Disney Company - Sr Technical Program Manager

The Walt Disney Company

Santa Monica, California, United States (On-Site)
β€’ 2 Months ago
Rolls Royce - Field Service Engineer

Rolls Royce

Dordrecht, South Holland, Netherlands (On-Site)
β€’ 5 Months ago
PwC - IN-Associate _ Internal Audit_Internal Audit Services _Advisory_PAN India

PwC

Bengaluru, Karnataka, India (On-Site)
β€’ 3 Months ago
ZeroFox - Associate Analyst – Attack Surface Protection

ZeroFox

Bengaluru, Karnataka, India (On-Site)
β€’ 3 Months ago
Google - Technical Solutions Consultant, Security (French)

Google

Paris, Île-de-France, France (On-Site)
β€’ 2 Months ago
PwC - Insurance Enabling Technology - Guidewire Rating Developer-Sr.Associate

PwC

Bengaluru, Karnataka, India (On-Site)
β€’ 4 Months ago
PwC - Senior Associate_ETL Data Engineers_Advisory_  MSOFT_Kolkata

PwC

Kolkata, West Bengal, India (On-Site)
β€’ 3 Months ago
Cognizant - Reverse Engineer (Android) / Barcelona-based / hybrid)

Cognizant

Barcelona, Catalonia, Spain (Hybrid)
β€’ 7 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Social Discovery Group - VP of Finance

Social Discovery Group

Israel (Remote)
β€’ 4 Months ago
HP - Privacy Program Manager

HP

Tlaquepaque, Jalisco, Mexico (On-Site)
β€’ 5 Months ago
Twitch - Senior Privacy Manager

Twitch

Seattle, Washington, United States (On-Site)
β€’ 3 Months ago
PwC - Business Support Senior Associate

PwC

Makati, Metro Manila, Philippines (On-Site)
β€’ 4 Months ago
Visa - AML and Sanctions Compliance Manager - Open Banking

Visa

Austin, Texas, United States (On-Site)
β€’ 2 Months ago
Google - Google Security Manager, Data Centers (English)

Google

(On-Site)
β€’ 2 Months ago
PwC - Risk & Quality Engagement Senior Manager, Deals

PwC

Dubai, Dubai, United Arab Emirates (On-Site)
β€’ 3 Months ago
Axon - Senior Manager of Transformation and Internal Controls (Hybrid)

Axon

Denver, Colorado, United States (Hybrid)
β€’ 2 Months ago
HP - Partner Business Manager (Temporary position)

HP

Sofia, Sofia City Province, Bulgaria (On-Site)
β€’ 4 Months ago
Techland - Risk Officer

Techland

Poland (On-Site)
β€’ 7 Months ago

Get notifed when new similar jobs are uploaded

Jobs in Canada

Critical mass - Freelance Senior Copywriter, Future Opportunity

Critical mass

Calgary, Alberta, Canada (On-Site)
β€’ 4 Months ago
Hasbro - Senior Systemic Game Designer

Hasbro

Montreal, Quebec, Canada (On-Site)
β€’ 3 Months ago
Kabam - Corporate Commercial Counsel

Kabam

Vancouver, British Columbia, Canada (Hybrid)
β€’ 2 Months ago
PwC - Forensic Manager

PwC

Toronto, Ontario, Canada (On-Site)
β€’ 4 Months ago
Google - Senior Technical Solutions Consultant, Extended Workforce Solutions, gTech

Google

Toronto, Ontario, Canada (On-Site)
β€’ 2 Months ago
Netomi - Customer Success Manager

Netomi

Ontario, Canada (Remote)
β€’ 2 Months ago
Matic Robots - Senior Mechanical Design Engineer

Matic Robots

Canada (On-Site)
β€’ 4 Months ago
Luxoft - Senior C++ AUTOSAR Adaptive Software Developer with Security Knowledge

Luxoft

Ottawa, Ontario, Canada (On-Site)
β€’ 2 Months ago
2K - Expert Gameplay Animation Engineer

2K

Vancouver, British Columbia, Canada (Hybrid)
β€’ 4 Months ago
Wind River Systems - Star Lab - Field Applications Engineer, System Architect

Wind River Systems

Huntsville, Ontario, Canada (Hybrid)
β€’ 3 Months ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

PwC - In-Senior Manager_Cyber Security Sales_ RC Central _Advisory_Bangalore

PwC

Bengaluru, Karnataka, India (On-Site)
β€’ 4 Months ago
PwC - Risk Services - AI Strategy Lead

PwC

Singapore (On-Site)
β€’ 4 Months ago
Balbix - Customer Success Architect - Cyber Security

Balbix

Bengaluru, Karnataka, India (On-Site)
β€’ 4 Months ago
ION - Network Security Engineer

ION

Rome, Lazio, Italy (Hybrid)
β€’ 4 Months ago
Granicus - Cloud Network Security Engineer

Granicus

Bengaluru, Karnataka, India (Hybrid)
β€’ 4 Months ago
ByteDance - Risk Governance & Remediation Lead, Insider Threat

ByteDance

Singapore (On-Site)
β€’ 2 Months ago
Axinous - Senior Product Marketing Manager - Risk Management

Axinous

San Jose, California, United States (Hybrid)
β€’ 3 Months ago
ION - Cyber Security Analyst, Italy

ION

Turin, Piedmont, Italy (On-Site)
β€’ 4 Months ago
PwC - IN-Associate _ Control Testing_Internal Audit Service_ Advisory _Pune

PwC

Pune, Maharashtra, India (On-Site)
β€’ 4 Months ago

Get notifed when new similar jobs are uploaded

About The Company

Fortis is a global game studio with a mission to create worlds that matter β€” that challenge minds, build connections, and inspire communities. Founded by industry veterans, Fortis believes games have the ability to create a positive impact on society and culture, and now more than ever, those are the experiences players are looking for. With team members already in the US, UK, Canada, Romania, Portugal and Brazil, Fortis is growing and seeks the best of the best from around the world in order, regardless of location, to create a best-in-class games studio. Join us!

Canada (On-Site)

Brazil (On-Site)

United Kingdom (On-Site)

United Kingdom (On-Site)

Canada (On-Site)

Canada (Remote)

United Kingdom (On-Site)

View All Jobs

Get notified when new jobs are added by Fortis Games

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug