This job might no longer be available.
Senior IT Governance, Risk and Compliance Specialist
1 year ago
The EA Security team protects EA by reducing our exposure to security risks. We raise risk awareness for the entire company and provide measured, proportionate security and risk management controls, services and solutions. We also ensure that EA meets all required security standards as defined by various regulatory bodies. Keeping EA safe isn't a game; join us as we keep the future of play secure for everyone.
- The Senior IT Governance, Risk and Compliance (GRC) Specialist is responsible for day-to-day activities across the wide scope of EA's Security Governance, Risk and Compliance programs.
- You will work and report to the Sr GRC Security Manager to assist with the Third-Party Security Risk Assessment program. The job encompasses leading the assessment of security, risks, and control effectiveness for applications, infrastructure, and technology projects. You will independently lead and complete high-quality assessments across a diverse set of technologies, by documenting assessment results, recommending corrective action, tracking remediation, evaluating policy and control standard exceptions, and reporting to management.
The job can be OnSite Hybrid (Bucharest) or Offsite from Romania, depending on your preference and you will report to the Senior Manager of Security GRC Operations.
Responsibilities:
- Advise on, develop, and implement processes around risk identification, assessment, and remediation, including issues management, exception management, vendor risk management policy management, and security incident and vulnerability response.
- You will serve as a GRC subject matter expert for information risk, network security and system security by supporting complex analysis and leading risk management capability improvement.
- Manage EA's policy exceptions, identify rationale and risks underlying exception requests, weigh the effectiveness of compensating controls, and makes recommendations around exception requests.
- Together with the team, you will coordinate the ITGC design for the in-scope applications – SOX IT.
Qualifications:
- Five (5) years of progressive experience in information technology is required.
- Knowledge in information technology such as hardware, networking, architecture, protocols, file systems, and operating systems. In-depth knowledge of network security architectures (internal/external), firewall technologies, and knowledge of TCP/IP protocol suite (includes secure protocols).
- Familiarity with IT controls policies, security standards, and security configuration settings for platforms and network infrastructure.
- Demonstrated work experience in one or more of the following areas: Information Security, IT Governance, Compliance Management, IT Auditing, Internal Auditing, Security Analysis, Security Project Management, Security Architecture, and implementing best practices and technology.
- Experience with High Priority, High Activity, and Multi tasked Environments
Other qualifications:
- Professional certifications in security, privacy risk management and audit areas are desirable, such as CISSP, CRISC, CISM, CISA, CIPP, CIPT, CPA, CAP;
- Passionate about security.
- Experience with NIST Cybersecurity Framework
- Experience with ISO 27001
Electronic Arts Inc. is a global leader in interactive entertainment. We develop and deliver games, content, and online services across platforms. We have a broad portfolio of brands that span the most popular genres.
We exist to Inspire the World to Play. We create extraordinary new game experiences for our millions of players everywhere by bringing together experienced people that combine creativity, innovation, and passion. We immerse our employees into an inclusive culture and provide opportunities for learning and leading that allow our employees to do the most impactful and rewarding work of their careers.
Join us in driving the next revolution in games.
Create Your Profile — Game companies can contact you with their relevant job openings.