Senior GRC Analyst

Senior GRC Analyst – Rockstar Games

We create world‑class entertainment experiences. Become part of a team working on some of the most rewarding, large‑scale creative projects to be found in any entertainment medium – all within an inclusive, highly‑motivated environment where you can learn and collaborate with some of the most talented people in the industry.

This is a full‑time, in‑office position based out of Rockstar’s NYC headquarters in Downtown Manhattan.

• The Rockstar Games Security team is responsible for advancing the state of information security across the company globally in collaboration with numerous partners and stakeholders by prioritizing and executing security initiatives that drive down risk.
• We strive to understand the threat landscape affecting our development studios, the gaming industry, and the world at large to define information security policies, standards and procedures to safeguard our business and protect our players.
• We lead efforts to build enterprise security controls ranging from endpoint protection technologies to security incident and event monitoring solutions.
• We have a passion for identifying threats and vulnerabilities, and coming up with clever solutions to mitigate or remediate those risks.

• Evaluate the security posture of suppliers, vendors, and third‑party service providers in coordination with relevant risk functions to identify potential vulnerabilities and threats.
• Maintain up‑to‑date inventory of third‑party vendors and risk log, perform follow‑up activities, and engage with stakeholders.
• Recommend and define specific security requirements and guidelines for third‑party vendors, proposing controls and mitigation strategies, and validating the implementation of these controls.
• Coordinate with business stakeholders, engineering, and IT teams to ensure appropriate access controls, secure implementation and/or integration with third‑party systems and services.
• Assist with the development and maintenance of policies and procedures related to vendor risk management tailored to the company's strategic objectives and regularly updated based on evolving threats and regulations.
• Assist in the review of vendor contracts to ensure appropriate security clauses and requirements are included.
• Participate in the cross‑functional software clearance working group to review and assess new software requests.
• Support managing the security request queue, ensuring timely review of incoming requests, alerts, and incidents.
• Assist in the delivery and continuous improvement of security awareness training for new hires by reinforcing security standards and serving as a resource for employee questions.

• Bachelor’s degree in Computer Science, Cybersecurity, or related.
• 5+ years of experience in information security, risk management, or cyber supply chain security.
• Industry‑recognized certifications such as CISSP, CISA, CRISC or other relevant certifications.
• Ability to communicate complex technical risk in a simple and understandable manner.
• Strong knowledge and experience across information security domains.
• Deep familiarity with the performance of third‑party vendor risk management, including methodologies, pitfalls, success factors, and the improvement of associated processes.
• Knowledge of industry frameworks and standards such as ISO
  27001, NIST, CIS, and familiarity with data privacy regulations (e.g., GDPR, CCPA) and diligence activities leveraged by vendors to evidence security maturity (e.g., penetration testing methodologies).
• Familiarity with technologies — hardware, software, and protocols commonly used in applications and system‑to‑system communication (e.g., SAML/OAuth) and network security concepts.
• Experience with third‑party risk management platforms (e.g., scorecard monitoring) and exposure to GRC platforms.

Please apply with a resume and cover letter demonstrating how you meet the skills above. If we would like to move forward with your application, a Rockstar recruiter will reach out to you to explain next steps and guide you through the process.

Rockstar is committed to creating a work environment that promotes equal…