Security Risk and Compliance Lead

3 Months ago • 6 Years + • Risk Management • $144,600 PA - $180,500 PA

Job Summary

Job Description

As a Security Risk and Compliance Lead at Rockstar Games, you will assess and manage information security risks, support risk treatment efforts, and ensure alignment with organizational and industry standards. Your role involves identifying and tracking risks, remediation efforts, and collaborating with stakeholders to safeguard employees, systems, and intellectual property. This full-time, in-office position is based in New York City. The Rockstar Security team prioritizes and executes security initiatives to drive down risk, striving to understand the threat landscape to define policies and procedures, and build enterprise security controls.
Must have:
  • Bachelor's degree in Cybersecurity or related field.
  • 6+ years of GRC or related cybersecurity role.
  • 3+ years of information security risk management experience.
  • Strong written and verbal communication skills.
Good to have:
  • Industry-recognized certifications like CISSP, CISA, or CRISC.
  • Strong knowledge across information security domains.
  • Experience implementing and improving GRC tooling.
  • Experience conducting security audits and risk assessments.

Job Details

At Rockstar Games, we create world-class entertainment experiences. 

Become part of a team working on some of the most rewarding, large-scale creative projects to be found in any entertainment medium - all within an inclusive, highly-motivated environment where you can learn and collaborate with some of the most talented people in the industry.

Rockstar is on the lookout for a talented Security Risk & Compliance Lead to help assess and manage information security risks, and support risk treatment efforts to safeguard employees, information systems, and intellectual property. Leveraging your cross-domain cybersecurity expertise, you will support the identification, tracking, and reporting of risks and remediation efforts, including those related to third parties, to ensure alignment with organizational and industry standards. This is a full-time permanent position based out of Rockstar’s unique game development studio in the heart of New York City.

This is a full-time, in-office position based out of Rockstar’s NYC headquarters in Downtown Manhattan. 

WHAT WE DO

  • The Rockstar Security team is responsible for advancing the state of information security across the company globally by prioritizing and executing security initiatives that drive down risk.
  • We strive to understand the threat landscape affecting our development studios, the gaming industry, and the world at large to define information security policies, standards, and procedures to safeguard our business and protect our players.
  • We lead efforts to build enterprise security controls ranging from endpoint protection technologies to security incident and event monitoring solutions
  • We have a passion for identifying threats and vulnerabilities, and coming up with clever solutions to mitigate or remediate those risks. 

RESPONSIBILITIES

  • In coordination with relevant stakeholders, perform risk and compliance assessments to identify security risks, control gaps, opportunities for improvement, and compliance with policies and standards.
  • Enhance and maintain information security risk registers, control matrices, and exception process / logs. Triage and assess information security risks (e.g., for impact and likelihood) to determine applicability and severity, in support of prioritization and decision-making.  
  • Collaborate with risk and remediation owners to ensure that mitigation plans are developed, tracked, implemented, and control improvements are validated for effectiveness.   
  • Develop, prepare, and present regular data-driven reports, metrics, and key indicators of security risks including compliance status and remediation progress to management.
  • Mature and enhance the use of GRC tooling for security risk management and associated workflows.
  • Review and evaluate third-party vendors for compliance with studio security standards and practices. Identify and manage potential gaps by partnering with business and supplier stakeholders toward mitigation.   
  • Support the development and iteration of security standards. 

QUALIFICATIONS

  • Bachelor's degree in Computer Science, Cybersecurity, or related.
  • 6+ years of experience in GRC or related cybersecurity role.
  • A minimum of (3) years of experience in information security risk management, with hands-on experience working on the security risk lifecycle (e.g., managing risk register).
  • Industry-recognized certifications such as CISSP, CISA, CRISC, ISO27001 Lead Implementer / Audit, or other relevant certifications.
  • Strong written and verbal communication skills, with the ability to clearly articulate complex security risks to diverse technical and non-technical audiences including studio management, business operations, product and production teams, engineers, developers, IT, and security teams. 

SKILLS

  • Strong knowledge and experience across information security domains.  
  • Deep familiarity with the performance of security risk management, including knowledge of methodologies, pitfalls, success factors, and the development of associated processes.
  • Strong understanding of security management frameworks such as ISO 27001, SOC 2, and NIST.
  • Experience implementing and improving upon the use of GRC tooling. This includes establishing risk registers, exception logs, controls-library, surveys, dashboards, and reporting.
  • Experience conducting security audits and risk assessments.
  • Hands-on experience performing third-party vendor risk management including supplier assessment through posture and technical reviews. Experience working with Business, Legal, and Privacy teams on vendor contracts a plus. 

HOW TO APPLY

Please apply with a resume and cover letter demonstrating how you meet the skills above. If we would like to move forward with your application, a Rockstar recruiter will reach out to you to explain next steps and guide you through the process.

Rockstar is committed to creating a work environment that promotes equal opportunity, dignity and respect. In line with this commitment, Rockstar will provide reasonable accommodations to qualified job applicants with disabilities during the recruitment process in order for such applicants to be considered for the position for which they are applying, as well as to qualified employees to enable them to perform the essential functions of their roles. If you need more information about Rockstar’s reasonable accommodation policies or process, or need to request an accommodation, please contact the Human Resources Department.                                   

If you’ve got the right skills for the job, we want to hear from you. We encourage applications from all suitable candidates regardless of age, disability, gender identity, sexual orientation, religion, belief, race, or any other protected category.

The pay range for this position in New York State (inclusive of New York City) at the start of employment is expected to be between the range below* per year. However, base pay offered is based on market location, and may vary further depending on individualized factors for job candidates, such as job-related knowledge, skills, experience, and other objective business considerations. Subject to those same considerations, the total compensation package for this position may also include other elements, including a bonus and/or equity awards, in addition to a full range of medical, financial, and/or other benefits. Details of participation in these benefit plans will be provided if an employee receives an offer of employment. If hired, employee will be in an "at-will position" and the company reserves the right to modify base salary (as well as any other discretionary payment or compensation or benefit program) at any time, including for reasons related to individual performance, company or individual department/team performance, and market factors.

 

*NY Base Pay Range
$144,600$180,500 USD

Similar Jobs

Mozilla - Vice President, Community

Mozilla

New York, United States (Remote)
3 Weeks ago
Lilt - Voice Talent Required

Lilt

United Kingdom (Remote)
1 Month ago
level ai - Group/Principal Product Manager

level ai

Mountain View, California, United States (Hybrid)
2 Months ago
Ubisoft - Senior Gameplay Animator

Ubisoft

Toronto, Ontario, Canada (Hybrid)
4 Months ago
Tencent - Senior Product Solution Architect (Tencent Cloud Enterprise)

Tencent

Singapore (On-Site)
7 Months ago
Tide - Insurance Risk Lead

Tide

United Kingdom (Hybrid)
2 Months ago
Yodlee - Information Security Risk Management Director

Yodlee

Berwyn, Pennsylvania, United States (Hybrid)
5 Months ago
bytedance - Risk Control Business Partner

bytedance

Singapore (On-Site)
3 Months ago
Remote - Payroll Risk & Compliance Lead - APAC

Remote

Philippines (Remote)
3 Weeks ago
Ion - Senior Consultant - Risk Advisory, Italy

Ion

Pisa, Tuscany, Italy (On-Site)
10 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Synthesia - Sales Operations Director

Synthesia

London, England, United Kingdom (Remote)
3 Weeks ago
Trellix - Senior Software Development Engineer

Trellix

Bengaluru, Karnataka, India (On-Site)
2 Weeks ago
DraftKings - Marketing Technology Specialist

DraftKings

Boston, Massachusetts, United States (On-Site)
2 Months ago
endava - Java Design Lead

endava

São Paulo, State Of São Paulo, Brazil (On-Site)
2 Months ago
Games talent (Staffing and recruiting) - Senior Concept Artist

Games talent (Staffing and recruiting)

(Remote)
3 Months ago
Triple dot studios - Product Manager

Triple dot studios

Melbourne, Victoria, Australia (Hybrid)
3 Weeks ago
Tesla - Automotive Mechatronics/Automotive Specialist

Tesla

Studen, Canton Of Bern, Switzerland (On-Site)
6 Months ago
747 Studios - Assistance Accounting / People & Culture (m/f/d)

747 Studios

Hamburg, Hamburg, Germany (On-Site)
2 Weeks ago
Ion - NetSuite ERP Developer

Ion

Dublin, County Dublin, Ireland (On-Site)
5 Months ago
Thales - DV Cleared Test Solutions Engineer

Thales

Glasgow, Scotland, United Kingdom (Hybrid)
2 Months ago

Get notifed when new similar jobs are uploaded

Jobs in New York, United States

Decagon - Account Executive, Strategic Accounts

Decagon

United States (On-Site)
9 Months ago
Toast - Staff Software Engineer

Toast

Boston, Massachusetts, United States (Hybrid)
1 Month ago
Penumbrainc - Production Material Handler I - Day Shift

Penumbrainc

Roseville, California, United States (On-Site)
2 Months ago
Simcorp - Senior Principal Customer Success Manager

Simcorp

San Francisco, California, United States (Hybrid)
2 Months ago
Blink - Content Strategist

Blink

United States (Remote)
2 Weeks ago
Whatnot - Senior Salesforce Administrator

Whatnot

Los Angeles, California, United States (Remote)
1 Month ago
Substack - Video Storyteller

Substack

San Francisco, California, United States (Hybrid)
1 Month ago
The New York Times - Newsletter Editor, NYT Cooking/Food

The New York Times

New York, United States (Hybrid)
1 Month ago
Sleeper - Content Curator (Part-time Contractor)

Sleeper

United States (Remote)
4 Months ago
Blitz app - Subscription Manager

Blitz app

Los Angeles, California, United States (On-Site)
4 Years ago

Get notifed when new similar jobs are uploaded

Risk Management Jobs

PwC - Senior Associate Project Risk Management - Milano

PwC

Milan, Lombardy, Italy (On-Site)
10 Months ago
PhonePe - Senior Risk Investigator

PhonePe

Bengaluru, Karnataka, India (On-Site)
1 Month ago
Ion - Senior Risk Analyst, Italy

Ion

Collecchio, Emilia-Romagna, Italy (On-Site)
10 Months ago
nubank - Operational Risk Specialist

nubank

Mexico City, Mexico (On-Site)
1 Month ago
Ion - Junior Consultant - Risk Advisory, Italy

Ion

Milan, Lombardy, Italy (On-Site)
10 Months ago
Saxo Bank - Risk Manager

Saxo Bank

Copenhagen, Denmark (On-Site)
1 Month ago
Remote - Risk Officer - Payments

Remote

Netherlands (Remote)
1 Month ago
Xepelin - Intern Risk Ops

Xepelin

Mexico City, Mexico (Hybrid)
2 Weeks ago
Optiv - Associate Consultant - Cyber Strategy & Risk

Optiv

Bengaluru, Karnataka, India (On-Site)
1 Month ago
OKX - Team Lead, Payment Risk

OKX

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
2 Months ago

Get notifed when new similar jobs are uploaded

About The Company

New York, New York, United States (On-Site)

New York, New York, United States (On-Site)

Leeds, England, United Kingdom (On-Site)

London, England, United Kingdom (On-Site)

Edinburgh, Scotland, United Kingdom (On-Site)

Edinburgh, Scotland, United Kingdom (On-Site)

Oakville, Ontario, Canada (On-Site)

Oakville, Ontario, Canada (On-Site)

Edinburgh, Scotland, United Kingdom (On-Site)

Edinburgh, Scotland, United Kingdom (On-Site)

View All Jobs

Get notified when new jobs are added by Rockstar Games

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug