Security Compliance Analyst

Scopely is looking for a Security Compliance Analyst to join our Information Security team in Barcelona on a remote basis.

At Scopely, we care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues, or through our deep connections with our communities of players. We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily.

What You Will Do

1. Work with global teams and business partners to provide guidance and support with compliance, policy, and regulatory matters
2. Research and educate teams on emerging security and privacy laws
3. Develop and maintain comprehensive documentation of compliance activities, policies, and procedures
4. Provide remediation guidance and prepare management reports to track remediation activities
5. Assist with security configuration standards for systems and business applications to meet compliance requirements
6. Develop and maintain up-to-date knowledge of industry standards, including ISO 27001, GDPR, HIPAA, SOC 2, and other relevant security / compliance frameworks
7. Define and document business process responsibilities and ownership of the controls in a GRC tool
8. Participate in technical and non-technical projects requiring information security oversight and to ensure policies, procedures and standards are met
9. Collaborate with various teams and departments to identify and mitigate risks, ensuring security compliance across all functions
10. Maintain and identify areas of opportunity for compliance automation tasks
11. Support vendor due-diligence process and help to lead and define overall third party risk management efforts
12. Keep up to date and educate stakeholders about the industry’s latest security and technology developments

What We’re Looking For

1. Bachelor's degree in Information Technology, Cybersecurity, or a related field. Advanced degree or professional certifications (e.g., CISSP, CISM, CISA) preferred
2. Minimum of 4 years of experience in information security, with at least 1 year in a compliance-focused role
3. Proficient in creating automation scripts in Python
4. Understanding of database construction, querying, and analysis (e.g SQL and similar languages)
5. General understanding of Big Data
6. Familiarity with OneTrust or similar compliance management platforms
7. Strong understanding of privacy laws (such as GDPR, CCPA) and experience in implementing policies to comply with these and other regulations
8. Knowledge of best practice standards (e.g. NIST, ISO 27001 / 2, COBIT)
9. Strong analytical skills and experience with security assessment tools and methodologies
10. Basic knowledge of information security solutions, data loss prevention, intrusion detection and prevention, network security monitoring, vulnerability management, and security testing

At Scopely, we create games for everyone - and want to ensure that the people behind our games reflect that! We are committed to creating a diverse, supportive work environment where everyone is treated with respect. We are committed to providing equal employment opportunities and welcome individuals from all backgrounds to join us & embrace the adventure!