What we’re looking for

• 5+ years of experience in third-party risk management, information security, IT audit, or GRC, preferably within Gaming, Technology, or Consulting
• Deep understanding of security risk assessment frameworks and best practices (e.g., NIST, ISO 27001, SIG, CSA, etc.).
• Proficiency in JIRA and GRC platforms such as OneTrust, ServiceNow, or similar tools, with the ability to lead data analysis and system improvements.
• Demonstrated ability to identify and assess security, privacy, and operational risks with a practical and solutions-oriented mindset.
• Excellent verbal and written communication skills, with the ability to influence and challenge stakeholders at all levels while maintaining constructive relationships.
• Comfortable navigating ambiguity, leading through change, and managing complex or sensitive third-party issues.
• Experience with regulatory requirements related to vendor management an...