Genius Sports
Senior Security Risk Specialist
Genius Sports, New York, New York, us, 10261
Senior Security Risk Specialist
A bit about us
Do you want to join one of the world's fastest growing sports technology companies?
Genius Sports is at the epicenter of the global network connecting sports, brands and fans through official live data. Our mission is simple. We champion a more sustainable sports data ecosystem that benefits all parties.
We're looking for enthusiastic and ambitious people to join our talented team.
If you see yourself becoming part of a global family building the future of sports entertainment together, then come and grow with us.
We put trust in our people to deliver the difference for our clients around the world. It's why many of the world's largest leagues & federations such as the NFL, English Premier League, FIBA and NCAA choose to work with Genius Sports.
The Role
We are accelerating our security journey, aiming to deliver the most trusted sports technology and data on the market, elevating security as a competitive differentiator. Our Security vision is to impress and win customers based on trust in our ability to deliver products and services that meet the highest standards of security.
We are seeking an experienced Senior Security Risk Specialist who can take a lead role in maturing our security risk management capabilities. This role will focus on embedding security risk management practices within our engineering and product teams, enabling us to understand our security risk exposure and drive intelligent risk decision making. The person will develop and govern repeatable frameworks and processes to ensure risks are continually identified and managed by technical stakeholders. They will coordinate risk discussions, leaning on deep security experts to provide expertise.
This person's mission is to secure Genius Sport's technology estate by surfacing and analyzing risks, and subsequently driving their mitigation.
A successful candidate will be experienced in evangelizing security risk management in technology led environments, with the ability to build trust and credibility with stakeholders across Product, Engineering, IT and Security.
This is a great opportunity to join our team at a fantastic time of growth and truly make an impact. Are you ready to play defence?
ResponsibilitiesDevelop, implement, and maintain comprehensive security risk management processes to ensure security risks are effectively identified, assessed and managed.Define security risk management standards and playbooks. Govern their adoption to achieve continuous risk management.Hold others accountable to security risk management, establishing effective mechanisms to surface issues and drive resolution.Oversee the management of the security risk register, ensuring risk information is kept up to date and regularly reviewed.Conduct regular security risk assessments with technical teams and collaborate to develop pragmatic risk treatment plans / requirements.Lead the analysis and articulation of security risks with relevant stakeholders in response to audit findings, threat intel, vendor reviews, incidents, security tests and other risk sources.Embed and govern repeatable processes for risk identification and security requirements setting in the project / product development lifecycle to drive security-by-design.Provide guidance and support to cross-functional teams including Product, Engineering and IT, helping them to capture, communicate and manage risks - leaning on other deep technical security experts to assess risks.Integrate security risk identification and implementation into existing Engineering / Product processes and ways of working to improve adoption and minimize overhead.Ensure creation of all documentation and evidence required to demonstrate security assurance throughout product and project lifecycles.Lead development of business continuity and recovery plans for our technical products and services.Build and communicate compelling security risk reports, including KPIs and KRIs, to convey our risk exposure across different technology areas and mitigation progress.What you'll bring
Deep understanding of security risk management practices and experience driving security risk culture in a product and software engineering led organization.Experience integrating security risk management practices into Agile product and engineering ways of working, such as leveraging existing product artefacts, acceptance criteria, and design processes.Ability to leverage your risk and security expertise to advise on security best practices and propose risk treatment solutions at a relatively technical level, bringing in additional deep technical security experts as needed.Experience implementing and governing security by design frameworks and processes to ensure security risk is considered across all stages of project / product delivery.Who you are
At least 5 years of experience in technical security risk management and/or product management or similar.An expert in security-by-design methodology and ideally security in the SDLC.Strong knowledge of security and risk related standards / frameworks / laws and regulations, able to utilize them to conduct risk analysis and identify mitigating controls. Such as ISO 27034, NIST CSF, SOC 2, Data Protection Laws.Sufficient technical knowledge to facilitate risk discussions with Engineering teams, supported by other technical security experts as needed.A proven track record of delivering change that requires cross-team collaboration.A self-starter who strives for continuous improvement, bringing solutions to the table and taking ownership for delivery.Able to operate with high levels of autonomy and build or adapt processes, rather than rely on pre-existing ones.Able to hold others accountable to their responsibilities and influence through encouragement and conveying the value of risk and compliance.Highly pragmatic, able to consider wider business context and empathetic to competing priorities.A solid understanding of software development practices and cloud environments, able to understand and build credibility with highly technical teams.Comfortable communicating with technical and non-technical audiences.
What's in it for you?
As well as a competitive salary and annual leave allowance, our benefits include health insurance, skills training and much more, depending on the location. We also offer a host of softer benefits, including many social events throughout the year such as summer and winter holiday parties, monthly team building events, sports tournaments, charity days and wellbeing activities.
How we work
We have adapted a forward-thinking 'Ways of Working' framework, which sets out (amongst other things) the opportunities for Geniuses to work flexibly, remotely and on working holidays. It affects different teams and locations differently, so please ask for further information in how it would work with this role.
Our employees are empowered to stretch the boundaries of what's achievable, always reaching further and pushing the edges to see what gives. We collaborate, we innovate, and we celebrate. We will continue to grow as an organization and continue to invest in our highly talented and diverse team of Geniuses.
Genius Sports Group is proud to be an equal opportunities employer. We recognize and celebrate the benefits that a diverse and inclusive workforce bring to our business, our customers and our staff. We welcome and will consider all applications regardless of age, different abilities or disability, gender re-assignment, marriage, pregnancy, maternity, race or nationality, religion or belief, sex and sexual orientation (and any other applicable status). Please let us know when you apply if you need any assistance during the recruiting process due to a disability.
A bit about us
Do you want to join one of the world's fastest growing sports technology companies?
Genius Sports is at the epicenter of the global network connecting sports, brands and fans through official live data. Our mission is simple. We champion a more sustainable sports data ecosystem that benefits all parties.
We're looking for enthusiastic and ambitious people to join our talented team.
If you see yourself becoming part of a global family building the future of sports entertainment together, then come and grow with us.
We put trust in our people to deliver the difference for our clients around the world. It's why many of the world's largest leagues & federations such as the NFL, English Premier League, FIBA and NCAA choose to work with Genius Sports.
The Role
We are accelerating our security journey, aiming to deliver the most trusted sports technology and data on the market, elevating security as a competitive differentiator. Our Security vision is to impress and win customers based on trust in our ability to deliver products and services that meet the highest standards of security.
We are seeking an experienced Senior Security Risk Specialist who can take a lead role in maturing our security risk management capabilities. This role will focus on embedding security risk management practices within our engineering and product teams, enabling us to understand our security risk exposure and drive intelligent risk decision making. The person will develop and govern repeatable frameworks and processes to ensure risks are continually identified and managed by technical stakeholders. They will coordinate risk discussions, leaning on deep security experts to provide expertise.
This person's mission is to secure Genius Sport's technology estate by surfacing and analyzing risks, and subsequently driving their mitigation.
A successful candidate will be experienced in evangelizing security risk management in technology led environments, with the ability to build trust and credibility with stakeholders across Product, Engineering, IT and Security.
This is a great opportunity to join our team at a fantastic time of growth and truly make an impact. Are you ready to play defence?
ResponsibilitiesDevelop, implement, and maintain comprehensive security risk management processes to ensure security risks are effectively identified, assessed and managed.Define security risk management standards and playbooks. Govern their adoption to achieve continuous risk management.Hold others accountable to security risk management, establishing effective mechanisms to surface issues and drive resolution.Oversee the management of the security risk register, ensuring risk information is kept up to date and regularly reviewed.Conduct regular security risk assessments with technical teams and collaborate to develop pragmatic risk treatment plans / requirements.Lead the analysis and articulation of security risks with relevant stakeholders in response to audit findings, threat intel, vendor reviews, incidents, security tests and other risk sources.Embed and govern repeatable processes for risk identification and security requirements setting in the project / product development lifecycle to drive security-by-design.Provide guidance and support to cross-functional teams including Product, Engineering and IT, helping them to capture, communicate and manage risks - leaning on other deep technical security experts to assess risks.Integrate security risk identification and implementation into existing Engineering / Product processes and ways of working to improve adoption and minimize overhead.Ensure creation of all documentation and evidence required to demonstrate security assurance throughout product and project lifecycles.Lead development of business continuity and recovery plans for our technical products and services.Build and communicate compelling security risk reports, including KPIs and KRIs, to convey our risk exposure across different technology areas and mitigation progress.What you'll bring
Deep understanding of security risk management practices and experience driving security risk culture in a product and software engineering led organization.Experience integrating security risk management practices into Agile product and engineering ways of working, such as leveraging existing product artefacts, acceptance criteria, and design processes.Ability to leverage your risk and security expertise to advise on security best practices and propose risk treatment solutions at a relatively technical level, bringing in additional deep technical security experts as needed.Experience implementing and governing security by design frameworks and processes to ensure security risk is considered across all stages of project / product delivery.Who you are
At least 5 years of experience in technical security risk management and/or product management or similar.An expert in security-by-design methodology and ideally security in the SDLC.Strong knowledge of security and risk related standards / frameworks / laws and regulations, able to utilize them to conduct risk analysis and identify mitigating controls. Such as ISO 27034, NIST CSF, SOC 2, Data Protection Laws.Sufficient technical knowledge to facilitate risk discussions with Engineering teams, supported by other technical security experts as needed.A proven track record of delivering change that requires cross-team collaboration.A self-starter who strives for continuous improvement, bringing solutions to the table and taking ownership for delivery.Able to operate with high levels of autonomy and build or adapt processes, rather than rely on pre-existing ones.Able to hold others accountable to their responsibilities and influence through encouragement and conveying the value of risk and compliance.Highly pragmatic, able to consider wider business context and empathetic to competing priorities.A solid understanding of software development practices and cloud environments, able to understand and build credibility with highly technical teams.Comfortable communicating with technical and non-technical audiences.
What's in it for you?
As well as a competitive salary and annual leave allowance, our benefits include health insurance, skills training and much more, depending on the location. We also offer a host of softer benefits, including many social events throughout the year such as summer and winter holiday parties, monthly team building events, sports tournaments, charity days and wellbeing activities.
How we work
We have adapted a forward-thinking 'Ways of Working' framework, which sets out (amongst other things) the opportunities for Geniuses to work flexibly, remotely and on working holidays. It affects different teams and locations differently, so please ask for further information in how it would work with this role.
Our employees are empowered to stretch the boundaries of what's achievable, always reaching further and pushing the edges to see what gives. We collaborate, we innovate, and we celebrate. We will continue to grow as an organization and continue to invest in our highly talented and diverse team of Geniuses.
Genius Sports Group is proud to be an equal opportunities employer. We recognize and celebrate the benefits that a diverse and inclusive workforce bring to our business, our customers and our staff. We welcome and will consider all applications regardless of age, different abilities or disability, gender re-assignment, marriage, pregnancy, maternity, race or nationality, religion or belief, sex and sexual orientation (and any other applicable status). Please let us know when you apply if you need any assistance during the recruiting process due to a disability.