Remoworker Remoworker
V

Senior GRC Analyst

Verasity
Remote Full-time Worldwide
Apply on RemoteFirstJobs →

You'll be redirected to the original listing.

Description

At PrizePicks, we are the fastest-growing sports company in North America, as recognized by Inc. 5000. As the leading platform for Daily Fantasy Sports, we cover a diverse range of sports leagues, including the NFL, NBA, and Esports titles like League of Legends and Counter-Strike. Our team of over 550 employees thrives in an inclusive culture that values individuals from diverse backgrounds, regardless of their level of sports fandom. Ready to reimagine the DFS industry together?

Overview:

  • PrizePicks is seeking an experienced and detail-oriented Senior GRC Analyst to join our expanding governance programs. This role will help drive the continued development and maturation of the organization’s IT and Security governance, risk, and compliance initiatives. You will partner closely with Security, IT, Legal, Engineering, and business stakeholders to help strengthen our compliance posture, improve governance processes, and support ongoing risk management efforts across the enterprise.
  • The ideal candidate is collaborative, proactive, and comfortable working with both technical and non-technical teams in a fast-paced environment.

What you’ll do:

  • Policy Lifecycle Management:

    • Own the ongoing review and maintenance of organizational security policies, standards, and procedures. Assist in identifying policy gaps based on evolving regulatory requirements, business needs, and industry best practices.
  • Compliance Program Support:

    • Serve as a primary cross-functional coordinator with other dedicated compliance teams (e.g., Legal, Regulatory Affairs, Internal Audit) to design and maintain a unified, strategic governance roadmap that ensures all corporate compliance activities are aligned, documented, and consistently executed across the enterprise.
  • Third-Party Risk Management (TPRM):

    • Lead security risk assessments for new and renewing third-party vendors third-party vendors as part of the procurement lifecycle. Track remediation items and collaborate with stakeholders to address identified risks.
  • Audit & Certification Coordination:

    • Coordinate and support the organization’s annual security audits and certifications (e.g., SOC 2, PCI, CIS).
    • Coordinate evidence collection, track action items, communicate with stakeholders, and assist with audit readiness activities.
      • Lead cross-functional coordination with internal SMEs to support evidence collection activities with internal SMEs to support the internal evidence gathering process across multiple departments, reviewing appropriateness, tracking action items, and ensuring timely submission of required documentation.
      • This includes acting as a secondary liaison with external auditors, coordinating the internal evidence gathering process across multiple departments, tracking action items, and ensuring timely submission of required documentation.
      • Serve as a subject matter resource in interpreting and mapping security controls to operational processes and supporting evidence, helping ensure control language, documentation, and evidence collection align with audit and compliance requirements.
  • Security Training Program:

    • Assist with the administration and continuous improvement of the company’s security awareness and training program, including tracking completion metrics and updating training content as needed.
  • Regulatory & Compliance Support:

    • Work in close partnership with Legal and Regulatory teams to interpret new and changing compliance requirements. Provide security insight to ensure corporate practices and technology ali…

Related remote jobs