FAGovernance, Risk, and Compliance (GRC) Analyst
Fanatics 
United States only
United States onlyFanatics Collectibles is looking for a Governance, Risk, and Compliance (GRC) Analyst to join our Information Security team. This position will report into the Director - Governance, Risk, and Compliance and will be responsible for assessing controls, prioritizing information security and cybersecurity risk across the organization, facilitating compliance with regulatory requirements, developing and managing information security policies, and reporting on information security metrics.
The GRC Analyst is responsible for reducing information security and cybersecurity risk to Fanatics Collectibles by helping to prioritize and drive remediation efforts throughout the organization through the following:· Creating, maintaining, communicating, and enforcing information security policies.· Establishing and maintaining information security governance and compliance standards.· Conducting control risk assessments to identify vulnerabilities internally and within vendor or third-party supplier products.· Maintaining the risk mitigation, risk exception process, and conducting residual risk analysis. The GRC Analyst independently executes high-quality, enterprise-wide controls assessments against industry leading frameworks. The GRC Analyst works with employees and leaders across Fanatics Collectibles.Team members are given a great deal of autonomy in the pursuit of keeping Fanatics Collectibles secure and a successful candidate will demonstrate strong communication skills and is expected to be comfortable and effective working independently and as part of a larger, global team. The ability to communicate broadly across different skill sets will be key to success in this role.
Duties and responsibilities may include:Support the controls risk assessment process, by:· Performing on-going and annual control risk assessments· Support audit execution processes by providing compliance consultation on various frameworks and best practices· Collecting, reviewing, and uploading evidence· Collecting and documenting emerging risks· Assisting in risk analysis and evaluation· Providing input for risk trends, emerging threats, and issues· Direct engagement with internal teams to ensure adherence to processes· Mentor fellow Fanatics Collectibles personnel on best security practices through cross-functional work with multiple technical and non-technical teams
Required Education and Certification:· Bachelor's degree in an IT or engineering related field strongly preferred.· CISA, CISSP, CISM, or CRISC certification or equivalent strongly preferred.
Required Skills:· Experience (minimum 5 years) in information technology (IT) or information security with IT-based governance, risk, and compliance.· Experience (minimum 1 year) with IT-based audit.· A solid understanding of the following frameworks, with direct experience in at least 2 preferred: PCI-DSS Data Privacy (GDPR, CCPA, others) ISO 27001, NIST 800-53, COBIT, SOX.· Proficiency in written and spoken English.· Ability to present findings and summaries of issues to senior management.· Pro-active and self-motivated, including a willingness to reach out to development teams and stakeholders to discuss issues and identify areas needing assistance.· Excellent communication and interpersonal skills.· Ability to approach problem solving in a constructive and collaborative way.· Experience with cloud-based tools strongly preferred.Ensure your Fanatics job offer is legitimate and don’t fall victim to fraud. Fanatics never seeks payment from job applicants. Feel free to ask your recruiter for a phone call or other type of communication for interview, and ensure your communication is coming from a Fanatics or Fanatics Brand email address. For added security, where possible, apply through our company website at www.fanaticsinc.com/careers
Tryouts are open at Fanatics! Our team is passionate, talented, unified, and charged with creating the fan experience of tomorrow. The ball is in your court now.
Fanatics is committed to responsible planning and purchasing (RPP) practices, working with its business partners across its global and multi-layered supply chain, to ensure that planning, sourcing, and purchasing decisions, along with other supporting processes, do not impede or conflict with the fulfillment of Fanatics’ fair labor practices.
NOTICE TO CALIFORNIA RESIDENTS/APPLICANTS: In connection with your application, we collect information that identifies, reasonably relates to or describes you (“Personal Information”). The categories of Personal Information that we collect include your name, government issued identification number(s), email address, mailing address, other contact information, emergency contact information, employment history, educational history, criminal record, and demographic information. We collect and use those categories of Personal Information about you for human resources and other business management purposes, including identifying and evaluating you as a candidate for potential or future employment or other types of positions, recordkeeping in relation to recruiting and hiring, conducting criminal background checks as permitted by law, conducting analytics, and ensuring compliance with applicable legal requirements and Company policies. For additional information on how we collect and use personal information in connection with your job application, review our Candidate Privacy Policy-CA
Elevate your application
Let our AI craft your perfect cover letter and align your resume to this job's criteria.
By using our AI tools, you consent to sharing your profile with our AI partner for this purpose.
Elevate your application
Let our AI craft your perfect cover letter and align your resume to this job's criteria.
By using our AI tools, you consent to sharing your profile with our AI partner for this purpose.
Apply now
Please let Fanatics know you found this job on Himalayas. This helps us grow!
About the job
Apply before
May 07, 2024
Posted on
Mar 08, 2024
Job type
Full Time
Experience level
Entry-level
Location requirements
Hiring timezones
United States +/- 0 hoursJob categories
About Fanatics
Learn more about Fanatics and their company culture.
Similar remote jobs
Here are other jobs you might want to apply for.
6 remote jobs at Fanatics
Explore the variety of open remote roles at Fanatics, offering flexible work options across multiple disciplines and skill levels.
Remote companies like Fanatics
Find your next opportunity by exploring profiles of companies that are similar to Fanatics. Compare culture, benefits, and job openings on Himalayas.
Find your dream job
Sign up now and join thousands of other remote workers who receive personalized job alerts, curated job matches, and more for free!
