Facebook pixel

Governance Senior Manager
Confirmed live in the last 24 hours
New York, NY, USA
Experience Level
Desired Skills
  • At least 7-10 years of Risk Management, Information Security, IT auditing or equivalent experience
  • Demonstrate a strong understanding of Information Security, the IT environment, and their impact on business risk
  • Risk Management experience, including developing and deploying remediation plans required
  • Experience running and managing risk assessments and risk registers for a firm with significant regulatory requirements, preferably Financial Services
  • Experience designing, documenting, and evaluating Security and IT compliance requirements based on the needs of an organization
  • Ability to lead GRC monthly risk metrics and report any incidents for regulatory requirements for FanDuel Group
  • Easily adapt to a rapidly evolving, faced-paced, cyber security environment as it relates to changes in strategy or risk
  • Experience with using GRC platforms like ZenGRC considered a major plus
  • Demonstrate ability to develop a strategy, and design and execute on the associated plan
  • Strong knowledge of ISO 27001 requirements and their applicability
  • Strong analytical, interpersonal, and communication skills (both verbal and written)
  • Experience leading and mentoring others to help them grow in their positions and the industry
  • Strong project management skills and ability to work independently on engagements
  • Bachelor's degree or higher in Cybersecurity, Cyber Defense, Information Management Systems, or equivalent Cybersecurity qualifications
  • Job description may change depending on business needs
  • Lead Cybersecurity Department (CSD) by developing and managing risk register in alignment against Information Security Policies for the security of confidentiality, availability, integrity of information, business delivery, technology, and safety
  • Lead Security Governance, Business Continuity/Disaster Recovery, and ISO team to create, enhance, support, and enforce security policies and practices for risk mitigation
  • Lead ISO 27001 and financial certifications for FanDuel Group
  • Bring your expertise in risk assessment to assess and report on our information systems ensuring processes and procedures are followed according to Information Security Policy requirements and best practices
  • Identify and analyze the inherent risks in applications and supporting infrastructure and the controls that management has implemented to mitigate risks
  • Lead the implementation of ISO 27001 framework alignment with the Information Security management System (ISMS) per FDG vertical and drive FDG
  • Lead the initiative to train all new hires on the Governance team and create a continuous yearly training process for member firms within the organization to understand the CSD Risk posture and act as a mentor/subject matter expert
  • Lead, manage, and execute complex IT assessment projects including internal audits, system implementations, and specialized IT areas (cloud, devsecops, agile development)
  • Drive a culture of risk awareness, risk and control visibility with measurable risk reduction and effective reporting, and governance of risk reduction activities
  • Perform assessments and technical review to ensure adherence for compliance. Evaluate risks - known and unknown - within the company and its operations in accordance with known industry frameworks (i.e., ISO, SCF, NIST, GLI-33)
  • Document, assess, investigate, and map known and unknown areas of risk, then present steps to remediate and/or mitigate risk, as appropriate
  • Manage the planning and implementation of policies, standards, and procedures to protect FanDuel's Information Security assets, including the scheduling, and leading of management review meetings
  • Create an asset register to identify and analyze the inherent risks within Cybersecurity Dept. and Technology
  • Collaborate with the various SMEs departments at FanDuel in maintaining the ISMS
  • Lead and participate in business continuous improvement and continuity efforts such as presentations, training, and meetings
  • Lead business continuity and Disaster recovery team to reduce risk associated with the loss of availability
  • Create system security plans, plan of action and milestones, personnel training, and help drive security governance to support the ISMS
  • Facilitate and maintain Risk assessment and Risk treatment plan execution and database status to support the ISMS
  • Document within GRC tool all nonconformities and drive remediation efforts for risks identified in the risk register
  • Lead security awareness training for the organization
  • Lead Data Lifecycle program for Cybersecurity Department
Desired Qualifications
  • Certifications such as CISSP, CISA, CGEIT, CRISC, CAP, and ISO 27001 Third Party Lead Auditor is a plus
  • Experience in data privacy standards like GDPR, CCPA is a plus
  • Privacy certifications, such as CDPSE or CIPP/CIPM, is a plus
  • Experience with PCI DSS, including previous certification as a QSA, ISA, PCIP, is a plus

1,001-5,000 employees

Fantasy sports and online U.S. sportsbook
Company Overview
Fanduel is on a mission to make sports more exciting. The company provides a daily fantasy sports platform with a range of game types for players with a guaranteed prize pool for the winners.
  • From peer-to-peer learning to industry conferences, there are a number of ways to develop your career
  • From your head to your toes we’ve got you covered with our 100% health insurance coverage
  • We keep a well-stocked supply of snacks and refreshments to keep you going throughout the day
  • Flexible hours and vacation scheduling let you work when you’re at your best
  • We provide the latest tech and equipment, you get the job done
Company Core Values
  • We’re not just a company, we’re a collective. And we’re not just coworkers, we’re a community.
  • We’re an all-hands-on-deck crew of dreamers, doers, thinkers, makers, builders, breakers, and rebuilders.
  • We value teamwork above all else.
  • We believe that diversity and inclusiveness are at the core of any good team.
  • Passion for building a product our customers will love, passion for being the best in our field, and passion for our own people.