Description
Scopely is looking for a Security Compliance Analyst to join our Information Security team in Barcelona on a remote basis.
At Scopely, we care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues, or through our deep connections with our communities of players.
We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily. What You Will Do
- Work with global teams and business partners to provide guidance and support with compliance, policy, and regulatory matters
- Research and educate teams on emerging security and privacy laws
- Develop and maintain comprehensive documentation of compliance activities, policies, and procedures
- Provide remediation guidance and prepare management reports to track remediation activities
- Maintain and improve operational compliance and data privacy related tasks such as cookie consent tracking data subject requests (DSR)s, and data mapping
- Assist with security configuration standards for systems and business applications to meet compliance requirements
- Develop and maintain up-to-date knowledge of industry standards, including ISO 27001, GDPR, HIPAA, SOC 2, and other relevant security / compliance frameworks
- Defines and documents business process responsibilities and ownership of the controls in a GRC tool
- Participate in technical and non-technical projects requiring information security oversight and to ensure policies, procedures and standards are met
- Collaborate with various teams and departments to identify and mitigate risks, ensuring Security Compliance across all functions
- Maintain and identify areas of opportunity for compliance automation tasks
- Support vendor due-diligence process and help to lead and define overall third party risk management efforts
- Keep up to date and educate stakeholders about the industry’s latest security and technology developments
What We’re Looking For
Bachelor's degree in Information Technology, Cybersecurity, or a related field. Advanced degree or professional certifications (.
CISSP, CISM, CISA) preferred
- Minimum of 4 years of experience in information security, with at least 1 year in a compliance-focused role
- Proficient in creating automation scripts in Python
- Understanding of database construction, querying, and analysis ( SQL and similar languages)
- General understanding of Big Data
- Familiarity with OneTrust or similar compliance management platforms
- Strong understanding of privacy laws (such as GDPR, CCPA) and experience in implementing policies to comply with these and other regulations
- Knowledge of best practice standards (. NIST, ISO 27001 / 2, COBIT)
- Strong analytical skills and experience with security assessment tools and methodologies
- Strong leadership and project management skills, with the ability to lead cross-functional teams in a dynamic environment
- Basic knowledge of information security solutions, data loss prevention, intrusion detection and prevention, network security monitoring, vulnerability management, and security testing