GRC Analyst

Job Description

Fanatics Collectibles is looking for a Governance, Risk, and Compliance (GRC) Analyst to join our Information Security team. This position will report into the Director - Governance, Risk, and Compliance and will be responsible for assessing controls, prioritizing information security and cybersecurity risk across the organization, facilitating compliance with regulatory requirements, developing and managing information security policies, and reporting on information security metrics.

The GRC Analyst is responsible for reducing information security and cybersecurity risk to Fanatics Collectibles by helping to prioritize and drive remediation efforts throughout the organization through the following:Creating, maintaining, communicating, and enforcing information security policies.Establishing and maintaining information security governance and compliance standards.Conducting control risk assessments to identify vulnerabilities internally and within vendor or third-party supplier products.Maintaining the risk mitigation, risk exception process, and conducting residual risk analysis.The GRC Analyst independently executes high-quality, enterprise-wide controls assessments against industry leading frameworks. The GRC Analyst works with employees and leaders across Fanatics Collectibles.

Team members are given a great deal of autonomy in the pursuit of keeping Fanatics Collectibles secure and a successful candidate will demonstrate strong communication skills and is expected to be comfortable and effective working independently and as part of a larger, global team. The ability to communicate broadly across different skill sets will be key to success in this role.

Duties and responsibilities may include:

Support the controls risk assessment process, by:

Performing on-going and annual control risk assessmentsSupport audit execution processes by providing compliance consultation on various frameworks and best practicesCollecting, reviewing, and uploading evidenceCollecting and documenting emerging risksAssisting in risk analysis and evaluationProviding input for risk trends, emerging threats, and issuesDirect engagement with internal teams to ensure adherence to processesMentor fellow Fanatics Collectibles personnel on best security practices through cross-functional work with multiple technical and non-technical teamsRequired Education and Certification:

Bachelor's degree in an IT or engineering related field strongly preferred.CISA, CISSP, CISM, or CRISC certification or equivalent strongly preferred.Required Skills:

Experience (minimum 5 years) in information technology (IT) or information security with IT-based governance, risk, and compliance.Experience (minimum 1 year) with IT-based audit.A solid understanding of the following frameworks, with direct experience in at least 2 preferred: PCI-DSS Data Privacy (GDPR, CCPA, others) ISO 27001, NIST 800-53, COBIT, SOX.Proficiency in written and spoken English.Ability to present findings and summaries of issues to senior management.Pro-active and self-motivated, including a willingness to reach out to development teams and stakeholders to discuss issues and identify areas needing assistance.Excellent communication and interpersonal skills.Ability to approach problem solving in a constructive and collaborative way.Experience with cloud-based tools strongly preferred.

About Us

Fanatics is building a leading global digital sports platform. The company ignites the passions of global sports fans and maximizes the presence and reach for hundreds of sports partners globally by offering innovative products and services across Fanatics Commerce, Fanatics Collectibles, and Fanatics Betting & Gaming, allowing sports fans to Buy, Collect and Bet. Through the Fanatics platform, sports fans can buy licensed fan gear, jerseys, lifestyle and streetwear products, headwear, and hardgoods; collect physical and digital trading cards, sports memorabilia, and other digital assets; and bet as the company builds its Sportsbook and iGaming platform. Fanatics has an established database of over 100 million global sports fans, a global partner network with over 900 sports properties, including major national and international professional sports leagues, teams, players associations, athletes, celebrities, colleges, and college conferences, and over 2,000 retail locations, including its Lids retail business stores.

As a market leader with more than 18,000 employees, and hundreds of partners, suppliers, and vendors worldwide, we take responsibility for driving toward more ethical and sustainable practices. We are committed to building an inclusive Fanatics community, reflecting and representing society at every level of the business, including our employees, vendors, partners and fans. Fanatics is also dedicated to making a positive impact in the communities where we all live, work, and play through strategic philanthropic initiatives.

About the Team

Fanatics Collectibles is a leading licensor, producer, designer, and seller of physical and digital trading cards, sports memorabilia, and other digital assets for entertainment and sports properties globally, as well as a manufacturer of physical and digital trading cards. It has secured exclusive licensing arrangements with major national professional sports leagues, including the MLB, NFL and the NBA, and related players associations, to produce physical and digital trading cards and other collectibles.

Fanatics Collectibles also has partnerships with a number of individual international sports teams and leagues, as well as owners of other entertainment properties granting similar exclusive rights. Fanatics Collectibles recently announced Fanatics Live, expected to launch later in 2023, which will focus on transforming the digital shopping experience through personality-driven content and entertainment.
#J-18808-Ljbffr