Enable job alerts via email!
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Hard Rock Digital is seeking a Cybersecurity Risk Analyst to protect its cloud-based gaming infrastructure and customer data. The role involves conducting risk assessments, developing mitigation strategies, and ensuring compliance with industry standards. Ideal candidates should have expertise in cybersecurity, strong analytical skills, and the ability to manage risks effectively.
Hard Rock Digital is a team focused on becoming the best online sportsbook, casino, and social gaming company in the world. We’re building a team that resonates passion for learning, operating, and building new products and technologies for millions of consumers. We care about each customer interaction, experience, behavior, and insight and strive to ensure we’re always acting authentically.
Rooted in the kindred spirits of Hard Rock and the Seminole Tribe of Florida, the new Hard Rock Digital taps a brand known the world over as the leader in gaming, entertainment, and hospitality. We’re taking that foundation of success and bringing it to the digital space — ready to join us?
What’s the position?
We are seeking experienced Cybersecurity Risk Analysts to join our security team at a leading US online gaming platform. This role is critical in protecting our cloud-based gaming infrastructure, customer data, and financial systems while ensuring compliance with gaming regulations and industry standards. The analyst role involves conducting risk assessments, developing risk management and mitigation strategies, supporting audit activities, and ensuring compliance with security policies and compliance requirements.
This role is crucial for our organization to proactively manage technology risks and maintain a strong security posture in an evolving threat landscape. The ideal candidate combines strong technical knowledge with business acumen to effectively communicate and manage risks across all organizational levels.
Key Responsibilities
Risk Assessment and Management
Conduct comprehensive risk assessments of cloud infrastructure, gaming applications, CI/CD pipelines, DevOps processes, payment processing systems, and all other aspects of internal technology operations.
Develop and maintain risk registers, threat models, vulnerability and threat management programs, and maintain risk treatment plans.
Perform quantitative and qualitative risk analysis using industry-standard methodologies (ISO 27005).
Evaluate third-party vendor security risks and assess supply chain vulnerabilities.
Risk Mitigation and Control Implementation
Develop and recommend risk mitigation strategies and security controls
Collaborate with technical teams to implement security measures and monitor their effectiveness
Track remediation efforts and verify risk reduction activities
Create and maintain risk metrics and key risk indicators (KRIs)
Compliance and Governance
Ensure alignment with both internal, regulatory, and industry requirements (state-specific gaming and privacy regulations, ISO27001, PCI-DSS, financial audits, etc.)
Support internal and external audits by providing risk documentation and evidence
Maintain security policies, procedures, and risk management frameworks
Assist in developing and updating the organization's cybersecurity strategy
Reporting and Communication
Prepare risk reports and dashboards for management and stakeholders
Present risk findings and recommendations to technical and non-technical audiences
Document risk assessment methodologies and maintain assessment artifacts
Provide risk-based guidance for security strategy decisions
Incident Response and Business Continuity
Participate in site reliability incident response activities, in particular post-incident reviews
Similarly participate in security incidents for risk impact and lessons learned
Support business continuity and disaster recovery planning
Conduct tabletop exercises and risk scenario planning
What are we looking for?
Education
Bachelor's degree in Computer Science, Information Security, Technology Risk Management, or related field
Relevant certifications can substitute for formal education requirements
Experience
3-5 years of experience in cybersecurity, risk management, or IT audit within the tech industry
Demonstrated experience with risk assessment methodologies and frameworks
Knowledge of security controls and their implementation
Experience with GRC tools
Technical Skills
Understanding of security technology concepts (firewalls, IDS/IPS, SIEM, vulnerability discovery, CI/CP pipelines)
Familiarity with cloud security (AWS, Azure, GCP)
Knowledge of network protocols and security architectures
Basic scripting abilities for automation
Certifications (Preferred)
CRISC (Certified in Risk and Information Systems Control)
CISA (Certified Information Systems Auditor)
CISSP (Certified Information Systems Security Professional)
CompTIA Security+ or CySA+
Soft Skills
Strong analytical and problem-solving abilities
Excellent written and verbal communication skills
Ability to translate technical risks into business impact
Detail-oriented with strong organizational skills
Ability to work independently and manage multiple projects
Additional Preferred Qualifications
Experience with specific GRC platforms (Vanta, OneTrust)
Knowledge of emerging threats and threat intelligence
Experience in cloud based technology organizations
Understanding of DevSecOps and agile methodologies
Experience in regulated industry sectors
What’s in it for you?
We offer our employees more than just competitive compensation. Our team benefits include:
Competitive pay and benefits
Flexible work from home or office hours
Startup culture backed by a secure, global brand
Opportunity help shape the future strategy of the Casino Product
Roster of Uniques
We care deeply about every interaction our customers have with us, and trust and empower our staff to own and drive their experience. Our vision for our business and customers is built on fostering a diverse and inclusive work environment where regardless of background or beliefs you feel able to be authentic and bring all your talent into play. We want to celebrate you being you (we are an equal opportunities employer)