Senior Manager, GRC

At GameStop, we are committed to providing exceptional service and delivering the latest and greatest in gaming products to our customers. As a leading global retailer of video games, electronics, and gaming merchandise, we take pride in offering a wide range of products that cater to the needs and desires of gamers worldwide. Our mission is to create unforgettable experiences for our customers by constantly pushing the boundaries of what's possible. Whether you're a hardcore gamer or just starting out, we've got something for everyone. Join us in our mission to shape the future of gaming and bring the best gaming products to the world!

The Senior GRC Manager will lead GameStop programs required to ensure that the organization is secure, private, and compliant. Working with the GameStop CISO, this role will lead the GRC team and provide management over GameStop policies and standards, compliance and privacy requirements, security awareness and training functions, third party risk management, and operational tasks. As part of the wider security program, the Senior GRC Manager will lead the support of efforts such as incident management and oversight over other security functions.

This position sits onsite 5 days a week in Grapevine, TX.

What you'll do

• Provide overall direction and oversight of the GameStop’s global governance, risk, and compliance programs.
• Manage GRC operations and projects to ensure timely and effective completion
• Ensure compliance with regulatory requirements, security frameworks, and GameStop internal policies and standards
• Oversee first- and third-party risk, maintenance of the internal risk register, and risk management activities
• Manage operations required to compliance with mandatory consumer privacy requests
• Maintain and review GameStop’s internal policies and standards
• Develop internal communications and security training programs, including security and privacy awareness, developer training, and general security practices
• Lead and develop members of the GameStop GRC team
• Identify, track, and report meaningful performance/progress metrics on the state of the global GRC program 
• Collaborate with other security leaders to drive cross functional initiatives

What you'll bring

• At least 6 years of experience in IT GRC, information security, or audit roles with a minimum of 1 year in a leadership position or 2 years of experience with an advanced degree in cyber security
• A bachelor’s degree in cyber security, information technology, or other related field or 2 additional years of job-related experience in IT GRC, information security, or audit roles
• An ideal candidate will have experience in at least one of the following disciplines:
  • Global and US privacy regulations (e.g. GDPR, PIPEDA, COPPA, CCPA and other state laws)
  • IT general controls
  • Internal audit processes
  • Incident response
  • Compliance requirements such as Sarbanes-Oxley or PCI-DSS
  • Security and privacy frameworks such as NIST CSF or the Nymity Privacy Framework
• Ability to communicate effectively with both technical and non-technical partners across the business
• Collaborate with other security team members to drive cross functional initiatives
• Model the behaviors expected of all GameStop leaders including, but not limited to, a drive for results, with a demonstrable bias for action; high levels of emotional intelligence, maturity, and professionalism; giving, receiving and responding to

Full-time store positions at GameStop are also eligible to participate in incentive programs, health benefits, paid time off, 401 (k), employee discount and a casual work environment. Positions at GameStop may also be eligible for a bonus and/or other incentives.