Staff Security Engineer (Risk Management) - Information Security

Riot's Enterprise Technology organization ensures Rioters have what they need to unlock their full potential by providing expertise on cybersecurity to protect the experience of millions of players, offering corporate solutions to increase productivity and guide teams on complex data privacy regulations.

As a Staff Security Engineer (Risk Management) - Information Security, you will work with technology partners to measure and report technical risks to Riot Games' business leaders. You will report to the Senior Director of Security.

We are looking for candidates that have experience owning the technical controls catalog for the company. You will ensure that we are able to accurately measure overall compliance to standards and report deviations, track cyber risk across the organization and maintain our cyber risk register in conjunction with the enterprise risk team. With your work, Riot's LOB leaders will understand their share of the risk and the overall risk posture of their businesses. You will also be accountable for tracking our adherence to all regulatory controls.

Responsibilities

• Build technology and tooling to monitor and measure internal control effectiveness and provide continuous security compliance.
• Develop and audit security policies, standards, and procedures.
• Provide executive management with the enterprise technical risk profile for aggregate cyber risk.
• Report technical risks to the pillars COO's, Business Information Security Officers, and the Enterprise Risk team.
• Develop and deliver a quarterly enterprise cyber risk profile.

Required Qualifications

• 5+ years of experience in technical risk management field (technology governance, enterprise risk management, and compliance).
• Experience with software development and automation (scripting, Python, Golang, Terraform etc.).
• Experience operating or implementing GRC platforms.

Desired Qualifications

• Risk, Compliance, Audit or Information Security-related certification (CPA, CIA, CISA, CISSP, CISM, CRISC, etc.).
• Experience implementing new risk management programs from the ground up.
• Experience working with geographically distributed teams within a complex international organization.

Don't forget to include a resume and cover letter. We'll notice a fun, well-written intro that shows us you Dare to Dream and Execute with Excellence. Being a dedicated fan of games is not necessary for this position!

Our Perks

We offer medical, dental, and vision plans that cover you, your spouse/domestic partner, and children. Life insurance, parental leave, plus short-term and long-term disability coverage are also available. Riot will support your retirement benefits with a company match, and double down on your donations of time and money to non-profit charitable organizations. Balance between work and personal life is encouraged with open paid time off, and a play fund so you can broaden and deepen your personal relationship with games.

It's our policy to provide equal employment opportunity for all applicants and members of Riot Games, Inc. Riot Games makes reasonable accommodations for handicapped and disabled Rioters and does not unlawfully discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, handicap, veteran status, marital status, criminal history, or any other category protected by applicable federal and state law, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance relating to an applicant's criminal history (LAMC 189.00).