Security Analyst, Governance, Risk & Compliance

About GameChanger:

We believe in the life-changing impact youth sports have on and off the field because they encourage leadership, teamwork, responsibility, and confidence—important life lessons that have the power to propel our youth toward meaningful futures. We recognize that without coaches, parents, and volunteers, organized youth sports could not exist. By building the first and best place to experience the youth sports moments important to our community, we are helping families elevate the next generation through youth sports.

So if you love sports and their community-building potential, or building cool products is your sport, GameChanger is the team for you. We are a remote-first, dynamic tech company based in New York City, and we are solving some of the biggest challenges in youth sports today.

The Position:

The Security Governance, Risk & Compliance (GRC) Analyst is a critical position within the infosec team, and has risk and compliance responsibilities from a technology and security perspective across the organization globally. The main objective of the Security GRC role is to deliver best in class Security Governance, Risk and Compliance, services to ensure that GameChanger operates in a risk mitigated, security managed environment and that GameChanger’s security compliance objectives are being met. Their responsibilities span GameChanger’s products and services and the internal applications, tools, and infrastructure that support them.

What You’ll Do:.

• Governance Framework: Develop, implement, and maintain comprehensive governance policies and procedures to ensure GameChanger is adhering to the NIST CSF Framework.
• Risk Management: Identify, assess, and mitigate security risks, ensuring that robust risk management practices are in place to protect GameChangers’ assets.
• Compliance Oversight: Ensure ongoing compliance with industry regulations, including but not limited to, NIST CSF.
• Security Audits: Plan, conduct, and oversee security audits for internal systems and third-party vendors, ensuring thorough evaluation of security controls and compliance.
• Policy Development: Create and update security policies, standards, and guidelines to address evolving requirements and emerging security threats.
• Reporting: Prepare detailed audit reports, risk assessments, and compliance documentation for senior management, our parent company or 3rd parties, including KRI and KPI definition and measurement

What You’ll Bring:

• 4+ years of experience in GRC or related roles
• Strong understanding of the NIST CSF security framework
• Skills in documenting risk and compliance activities.
• An excellent ability to communicate verbally and in writing
• Experience working with GRC tools like Vanta or Drata
• Highly organized, motivated, and detail-oriented with the ability to work independently in a fast-paced environment
• Strong degree of comfort working alongside, engaging and communicating with stakeholders across an organization
• One or more of the following certifications is preferred: CISA, CISM, CISSP

Who You Are:

• Team Player: You enjoy collaborating with others and have strong communication skills.
• Problem Solver: You have a keen analytical mind and enjoy solving complex problems, especially those related to security challenges in a Data environment.
• Lifelong Learner: You are passionate about staying updated with the latest technological and security trends.
• Adaptable: You are flexible and can adapt to changing priorities and technologies.
• Detail-Oriented: You have a strong attention to detail, especially when it comes to identifying and mitigating security risks.

Perks:

• Work remotely or from our well-furnished, modern office in Manhattan, NY.
• Unlimited vacation policy.
• Paid volunteer opportunities.
• WFH stipend - $500 annually to make your WFH situation comfortable.
• Snack stipend - $60 monthly to have snacks shipped to your home office.
• Full health benefits - medical, dental, vision, prescription, FSA/HRA, and coverage for family/dependents.
• Life insurance - basic life, supplemental life, and dependent life.
• Disability leave - short-term disability and long-term disability.
• Retirement savings - 401K plan offered through Vanguard, with a company match.
• Company paid access to a wellness platform to support mental, financial and physical wellbeing.
• Generous parental leave.
• DICK’S Sporting Goods Teammate Discount.

We are an equal opportunity employer and value diversity in our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

The target salary range for this position is between $125,000 and $170,000. This is part of a competitive total rewards package that includes incentive, equity, and benefits for eligible roles. Individual pay may vary from the target range and is determined by a number of factors including experience, internal pay equity, and other relevant business considerations. We review all teammate pay regularly to ensure competitive and fair pay.

DICK’S Sporting Goods has company-wide practices to monitor and protect the company from significant compliance and monetary implications as it pertains to employer state tax liabilities. Due to said guidelines put in place, we are unable to hire in AK, DE, HI, IA, LA, MS, MT, OK, and SC.