AVAILABLE POSITIONS Sr. Cybersecurity Risk Analyst
Zynga is looking for a Sr. Cybersecurity Risk Analyst to work closely with our studio partners across the business to drive continuous improvement in risk management practices. This position will collaborate with business partners to identify and resolve control gaps to improve our cybersecurity posture, maintain compliance documentation, assess technical integrations, and work to mature our practice. If you have a strong background in cybersecurity risk, threat, vulnerability, and compliance, and a passion for inspiring change, we encourage you to apply!
- Collaborate with partners to identify critical digital assets and establish a baseline for their security.
- Perform comprehensive risk assessments to identify potential cybersecurity threats and vulnerabilities in our systems, applications, and infrastructure.
- Assess technical integrations with third-party providers.
- Develop and maintain a comprehensive cybersecurity risk register, prioritizing risks based on their potential impact and likelihood of occurrence.
- Continuously improve and refine risk management practices, identify control gaps, and develop remediation plans with business partners.
- Collaborate with partners to understand business processes and develop risk mitigation strategies.
- Stay current on cybersecurity trends, threats, and technologies to ensure our risk management practices remain relevant and effective.
- Develop and provide knowledge resources to risk management partners.
- Assist in developing and maintaining compliance documentation, policies, standards, procedures, and guidelines, and handle exception requests.
- Review and analyze security exceptions and provide recommendations for risk reduction.
- Track cybersecurity issues, action plans, and compliance status and produce reports and presentations.
- Continuously monitor, analyze, and report on the effectiveness of implemented security measures.
- Collaborate with studio partners to develop and implement cybersecurity risk response strategies, controls, and documentation.
- Provide regular reporting and updates on response activities to senior management and partners.
- Define and manage critical metrics for continuous risk management practice improvements.
DESIRED SKILLS AND EXPERIENCE
- Bachelor's degree or 6+ years of professional work experience in the risk management field. .
- Six or more years of experience in cybersecurity risk, compliance-related activities, or business process development.
- Knowledge of risk assessment and management methodologies and frameworks, including but not limited to NIST, ISO 27001, FAIR, and CIS RAM.
- Industry Certifications such as CISSP, CISM, CRISC, CISA, etc.
- Two or more years of experience with NIST frameworks.
- Ability to articulate risk in business terms and provide risk treatment advice balancing mitigation cost with risk severity.
- Knowledge of Application and Cloud Security industry standards, trends, threats, vulnerabilities, and technology frameworks.
- Agile software development and Project management experience.
- Ability to clearly communicate technical concepts to all audiences.
- Ability to inspire change & handle multiple projects.
- Knowledge in the security community such as research, published CVEs, bug-bounty recognitions, open-source projects, blogs or publications.'
WHAT WE OFFER YOU:
- Competitive salary, bonus plan, ESPP (Employee Stock Purchase Plan)
- 401K Company Match Contribution (US)
- RRSP Company Match Contribution (Canada)
- Extended Health coverage, dental, disability, critical illness, EAP, and life insurance (Canada)
- Medical, dental, vision, EAP, life insurance, and disability benefits (US)
- Virtual mental health and neurodiversity support programs
- Fitness benefits (offering varies by location)
- Financial wellness program with unlimited access to certified financial planners
- Discretionary Time Off policy for many employees
- Family planning support program
- Generous paid parental leave
- Subsidized Back-up child care
- Zynga happy hours and frequent employee events
- Flexible working hours on many teams
- Culture of diversity and inclusion including employee resource groups
- Work with cool people and impact millions of daily players
We are an equal opportunity employer and we are committed to building a diverse and talented workforce. We do not discriminate on the basis of race, sex, religion, colour, national origin, gender, gender identity, sexual orientation, age, marital status, veteran status, medical condition, disability, or any other class or characteristic protected by applicable law. We welcome job-seekers, players, employees, and partners from all backgrounds to join us!
We will consider all qualified job-seekers with criminal histories in a manner consistent with applicable law.
We are committed to providing reasonable accommodations to qualified individuals with physical or mental disabilities in order to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us at AccommodationRequest@zynga.com to request an accommodation associated with your application for an open position.
The pay range for this position in California at the start of employment is expected to be between $105,000 and $155,000 per year.
However, base pay offered is based on market location, and may vary further depending on individualized factors for job candidates, such as job-related knowledge, skills, experience, and other objective business considerations. Subject to those same considerations, the total compensation package for this position may also include other elements, including a bonus and/or equity awards, in addition to a full range of medical, financial, and/or other benefits. Details of participation in these benefit plans will be provided if an employee receives an offer of employment. If hired, employee will be in an “at-will position” and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation or benefit program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors.
Zynga does not engage in financial exchanges during the recruitment or onboarding process. We do not conduct job interviews over third-party messaging apps such as Telegram, WhatsApp or others. We will never ask you for your personal or financial information over unofficial chat channels. Our in-house recruitment team only contacts individuals via official company email addresses (i.e., via a zynga.com or naturalmotion.com email domain).
If you believe you have been the victim of a scam, you may wish to contact the authorities. In the United States, you may file a complaint with the FBI. More information is available here: https://www.ic3.gov.
Careers Category: IT, Development Operations & Security
Careers location: Austin, TX, Bay Area, CA, Chicago, IL, Toronto, Canada
Connected Worker Type: Connected
Requisition Id: R_108401
Select Your Country of Residence