Security Compliance Analyst

Scopely is looking for a Security Compliance Analyst to join our Information Security team in Barcelona on a remote basis.

At Scopely, we care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues, or through our deep connections with our communities of players. We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily.

What You Will Do

• Work with global teams and business partners to provide guidance and support with compliance, policy, and regulatory matters
• Research and educate teams on emerging security and privacy laws
• Develop and maintain comprehensive documentation of compliance activities, policies, and procedures
• Provide remediation guidance and prepare management reports to track remediation activities
• Assist with security configuration standards for systems and business applications to meet compliance requirements
• Develop and maintain up-to-date knowledge of industry standards, including ISO 27001, GDPR, HIPAA, SOC 2, and other relevant security / compliance frameworks
• Define and document business process responsibilities and ownership of the controls in a GRC tool
• Participate in technical and non-technical projects requiring information security oversight and to ensure policies, procedures and standards are met
• Collaborate with various teams and departments to identify and mitigate risks, ensuring security compliance across all functions
• Maintain and identify areas of opportunity for compliance automation tasks
• Support vendor due-diligence process and help to lead and define overall third party risk management efforts
• Keep up to date and educate stakeholders about the industry’s latest security and technology developments

What We’re Looking For

• Bachelor's degree in Information Technology, Cybersecurity, or a related field. Advanced degree or professional certifications (e.g., CISSP, CISM, CISA) preferred
• Minimum of 4 years of experience in information security, with at least 1 year in a compliance-focused role
• Proficient in creating automation scripts in Python
• Understanding of database construction, querying, and analysis (e.g SQL and similar languages)
• General understanding of Big Data
• Familiarity with OneTrust or similar compliance management platforms
• Strong understanding of privacy laws (such as GDPR, CCPA) and experience in implementing policies to comply with these and other regulations
• Knowledge of best practice standards (e.g. NIST, ISO 27001 / 2, COBIT)
• Strong analytical skills and experience with security assessment tools and methodologies
• Basic knowledge of information security solutions, data loss prevention, intrusion detection and prevention, network security monitoring, vulnerability management, and security testing

At Scopely, we create games for everyone - and want to ensure that the people behind our games reflect that! We are committed to creating a diverse, supportive work environment where everyone is treated with respect. We are committed to providing equal employment opportunities and welcome individuals from all backgrounds to join us & embrace the adventure!