GRC Associate Analyst

At Game Stop, we are committed to providing exceptional service and delivering the latest and greatest in gaming products to our customers. As a leading global retailer of video games, electronics, and gaming merchandise, we take pride in offering a wide range of products that cater to the needs and desires of gamers worldwide. Our mission is to create unforgettable experiences for our customers by constantly pushing the boundaries of what's possible.

Whether you're a hardcore gamer or just starting out, we've got something for everyone. Join us in our mission to shape the future of gaming and bring the best gaming products to the world!

The GRC Associate Analyst assists in the development and execution of Game Stop’s privacy, governance, risk and compliance programs. This role will support Privacy and GRC operations, and the preservation of Game Stop policies, procedures, standards, metrics and reporting, training and awareness communications, consumer privacy audits and requests, and assist with the cyber risk management program.

This position sits onsite 5 days a week in Grapevine, TX.

• Review compliance with regulatory requirements and security frameworks
• Review compliance and exceptions to Game Stop internal policies and standards
• Execute operational tasks required for the Game Stop’s global privacy, governance, risk, and compliance programs including, but not limited to:
• Monitor and respond to consumer privacy requests
• Prepare and maintain Consumer Request Metrics Report
• Create questionnaire templates, procedures and training communications
• Regularly audit and monitor systems to ensure compliance with privacy and GRC requirements
• Assist with data mapping and reporting
• Assist with controls mapping and reporting
• Assess first- and third-party risk management and maintain the internal risk register
• Assess risk exception requests and document remediation plans
• Develop and maintain Game Stop policies, procedures, standards, metrics and reporting
• Deliver internal communications and security training materials, including security and privacy awareness, phishing tests, developer training, and general security practices
• Other duties as assigned

• At least 2 years of experience in an IT GRC, cyber security, or information technology related role or an advanced degree in cyber security
• A bachelor’s degree in cyber security, information technology, or other related field, or 2 additional years of job‑related experience in IT GRC, Information Security, or audit roles
• An ideal candidate will have awareness of at least one of the following disciplines:
• Global and US privacy regulations (e.g. GDPR, PIPEDA, COPPA, CCPA and other state laws)
• Compliance requirements such as Sarbanes‑Oxley or PCI‑DSS
• Security and privacy frameworks such as NIST CSF or the Nymity Privacy Framework
• Ability to communicate effectively with both technical and non‑technical partners across the business
• Collaborate with other security team members to drive cross‑functional initiatives
• Model the behaviors expected of all Game Stop leaders including, but not limited to, a drive for results, with a demonstrable bias for action; high levels of emotional intelligence, maturity, and professionalism; giving, receiving and responding to

Full‑time store positions at Game Stop are also eligible to participate in incentive programs, health benefits, paid time off, 401 (k), employee discount and a casual work environment. Positions at Game Stop may also be eligible for a bonus and/or other incentives