Activision BlizzardRemote
Expert Engineer, Governance, Risk, & Compliance
United States of America
Full-time
1 week ago
$122,000 - $225,000 USD
H1B Sponsor
Key skills
Technical GRC engineeringGRC compliance frameworksCloud security servicesScripting languagesGRC tools proficiencyTechnical risk assessmentsGRC AI-agent developmentAnalytical skillsCommunication skillsProblem solving skillsPythonBashPowerShellAIAWSAzureGCPServiceNowLeadershipRisk ManagementCommunicationProblem SolvingCloud Security
About this role
Activision Blizzard is a leader in the videogame industry, known for its iconic franchises and commitment to innovation. The Expert Engineer role focuses on Governance, Risk, and Compliance, requiring technical expertise to implement and maintain security governance and compliance objectives.
Responsibilities:
- Play a critical role in the technical development, implementation, and maintenance of the GRC platform
- Drive integration strategies between GRC platforms and enterprise systems to enable automated data sharing and reporting
- Provide expert guidance and leadership on GRC technical matters to senior leadership and business stakeholders
- Establish standardized workflows for risk assessments, exception handling, and remediation tracking to ensure consistency and accountability
- Develop and implement compliance monitoring and reporting mechanisms in the GRC platform
- Perform technical risk assessments as part of security exceptions to identify gaps and engage with the business to understand control environments and mitigation strategies
- Oversee issue management processes for audit findings, risk mitigation, and compliance gaps, ensuring timely resolution
- Provide expert guidance on GRC architectures and AI -agent development
- Participate in the administration of GRC tools and AI -agents
Requirements:
- Bachelor's degree or equivalent work experience
- 10+ years of direct experience in information security governance, risk management, compliance and/or security engineering
- Excellent oral/written communication, problem solving and analytical skills
- Ability to work independently and as part of a team to achieve desired objectives and project results
- Ability to interface effectively and decisively with all levels of management, departments, business units across global time zones and outside vendors
- Ability to consistently provide proactive communications and status to management and project teams
- A desire to participate in creating the workplace you want to be a part of
- Technical GRC engineering capabilities
- Deep knowledge of leading practice GRC and compliance frameworks such as NIST 800-53 and CSF, CIS Controls, Cloud Security Alliance (CSA) CCM, etc
- Ability to translate controls into technical system configurations and implement security controls within cloud and on-prem environments
- Direct experience in performing technical assessments of cloud environments and application security, within the context of risk management and compliance
- Understanding of technical GRC architectures, log flows, APIs, and pipelines
- Strong knowledge of cloud platforms (AWS, Azure, GCP) and their security services
- Proficiency in scripting languages (Python, PowerShell, Bash) for automation and experience with building and maintaining integrations between GRC platforms and downstream/upstream systems to facilitate risk management workflows
- Strong familiarity with GRC tools (e.g., ServiceNow GRC, Archer, AuditBoard, etc.)
- Experience with building dashboards and alerts for compliance monitoring
- Knowledge of GRC AI-agent development and governance
- Awareness of new upcoming cybersecurity compliance regulations and related requirements
- Relevant GRC and compliance certifications including Certified Information Systems Auditor/ Manager (CISA/CISM), CRISC, Cloud security certifications (AWS, Azure, GCP)