FanDuel · 2 days ago
Cyber Due Diligence Analyst
Fantasy Sports · Gaming
Responsibilities
Conduct thorough security assessments of third-party vendors, suppliers, and partners to evaluate their compliance with established security policies, regulations, contracts, and industry best practices.
Perform and/or support targeted assessments as needed - for example, Mergers & Acquisitions (M&A) and Request for Proposal (RFP) activities.
Analyze and interpret third-party security assessment findings and provide recommendations and remediation plans to mitigate identified risks.
Monitor and track third-party risk issues, ensuring timely resolution and appropriate risk mitigation actions are taken.
Maintain a comprehensive understanding of the organization's third-party risk management framework and standards.
Ensure assessments are in accordance with known industry frameworks (i.e., ISO, SCF, NIST, GLI-33).
Collaborate with cross-functional teams, including Strategic Sourcing / Procurement, Legal & Compliance, IT, Cybersecurity, and business units to gather necessary information and ensure compliance with risk management processes.
Stay updated with emerging trends, regulatory changes, and industry standards related to third-party risk management, and incorporate them into risk assessment processes and practices.
Prepare reports, summaries, and metrics on third-party security assessments to stakeholders and senior management, highlighting key findings and recommendations.
Assist in the development and enhancement of third-party due diligence policies, procedures, and frameworks to continually improve the effectiveness and efficiency of risk assessment processes.
Support the development of training and guidance to internal teams on third-party risk management best practices and procedures.
Help foster a culture of risk awareness.
Manage assessments and related work artifacts within OneTrust, Jira, or other tools as necessary.
Assist with special risk assessment and department initiatives, as assigned.
Qualification
Required
Bachelor’s degree preferred in a technical field (e.g., Cybersecurity, Information Technology) or equivalent combination of education, training, and relevant experience.
3+ years of experience in risk management required. Cross-functional experience in IT or information security governance, risk management and compliance (GRC), with a focus on third-party risk management and vendor management preferred.
Experience executing and managing cybersecurity assessments in a heavily regulated industry, preferably Financial Services.
Knowledge of relevant regulations, standards, and frameworks related to third-party risk management, such as ISO 27001, NIST CSF, NIST SP 800-53, GDPR, GLI-33, and other industry-specific regulations.
Familiarity with risk assessment methodologies, frameworks, best practices, and the full breadth of cybersecurity domains, particularly as they pertain to third-party risk management.
Expertise in evaluating vendor posture by analyzing SOC 2 reports and other attestations.
Experience conducting risk assessments of third-party vendors, suppliers, or partners, including evaluating their compliance with policies, procedures, and regulatory requirements.
Good analytical skills to identify and assess potential risks associated with third-party relationships, such as data security, operational vulnerabilities, and regulatory compliance.
Detail-oriented mindset with the ability to analyze and interpret risk assessment findings and provide recommendations and remediation plans to mitigate identified risks, all while communicating with external stakeholders.
Ability to prepare clear and concise reports, summaries, and documentation related to risk assessments.
Ability to cultivate relationships with cross-functional teams to promote collaboration and cohesiveness.
Proactive and collaborative attitude with the ability to stay updated on emerging trends, regulatory changes, and industry standards related to third-party risk management.
Preferred
Familiarity with risk management software or tools used for tracking and managing third-party risks will be an advantage.
Benefits
Medical insurance
Vision insurance
Dental insurance
Life insurance
Disability insurance
401(k) matching program
Short-term or long-term incentive compensation
Paid personal time off
14 paid company holidays
Paid sick time
Company
FanDuel
FanDuel offers fantasy sports with daily games for real money.
H1B Sponsorship
FanDuel has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships: 2022 (2), 2021 (3)
Funding
Current Stage: Late Stage
Total Funding: $416.2M
Key Investors: Kohlberg Kravis Roberts, Shamrock Capital Advisors, Comcast Ventures
2020-12-03: Acquired by Flutter Entertainment ($4.18B)
2017-09-12: Series E, Undisclosed
2016-09-15: Convertible Note, $55M
Company data provided by Crunchbase