Sr. Manager, Information Security GRC

Job Description

The Role

The Sr. Manager, Information Security GRC (Fanatics Corporate) reports to the VP, Information Security (GRC) and will focus efforts on managing all cyber and third-party risks for Fanatics Corporate. In this you will play a crucial role in assessing, managing, and driving mitigation of risks associated with both our third-parties (vendors, suppliers, and partners) and our wider cybersecurity program. You will drive a comprehensive risk management approach, while supporting subsidiary cybersecurity teams in maturing and standardizing their risk programs.

What You'll Do

• Oversee cyber and third-party risk management for the corporate entity, ensuring alignment with business objectives.
• Assist subsidiary InfoSec teams in developing and maturing their risk management programs.
• Establish consistent reporting mechanisms for executives and board functions, providing clear risk insights.
• Drive adoption of enterprise-wide risk assessment methodologies, frameworks, and tools.
• Collaborate with key stakeholders to enhance risk governance and ensure compliance with regulatory requirements.
• Monitor emerging threats, evolving regulations, and industry best practices to continuously improve risk posture.
• Identify risks associated with potential Corporate third-party vendors, by conducting thorough risk assessments and due diligence to ensure Corporate standards are met and maintained
• Coordinate and perform risk re-assessment of existing third-party vendors to ensure the continued management and reduction of risk.
• Perform vendor continuous monitoring tasks, utilizing cyber rating platforms to ensure timely alerting of any vendor decreasing controls, or other relevant intelligence.
• Monitor and track the off-boarding process for vendors, ensuring that all security-related aspects are addressed and terminated in a secure manner.
• Collaborate with stakeholders and cross-functional teams (i.e., business owners, procurement, legal, privacy, IT teams, and other InfoSec teams etc.) to support the holistic review of the vendor and services/products being provided.
• Assist with the administration and maintenance of the global GRC platform.
  
  

What We're Looking For

• Considerable experience working in Information Security GRC, with focus on leading a risk management program, or ability to step up into such a position.
• Considerable experience of working with third-party risk assessment tools and cyber rating platforms.
• Strong understanding of Information Security risk frameworks (e.g., ISO, NIST, FAIR etc.).
• Strong understanding of Information Security control frameworks (e.g., NIST, CIS, SCF etc.).
• Strong understanding of Information Security Third-Party frameworks and processes.
• Ability to work collaboratively in teams and develop meaningful relationships to achieve common goals.
• Excellent presentation and communication skills.
• Excellent influencing and problem resolution skills.
  
  

Job Locations: New York - NY, Jacksonville – FL, Atlanta – GA.

Mandatory office attendance: four days per week, with flexibility to choose which days in coordination with your manager.

In NYC, the salary range for this position is $165,000 to $200,000, which represents base pay only and does not include short-term or long-term incentive compensation. When determining base pay, as part of a final compensation package, we consider several factors such as location, experience, qualifications, and training.

About Us

Fanatics is building a leading global digital sports platform. We ignite the passions of global sports fans and maximize the presence and reach for our hundreds of sports partners globally by offering products and services across Fanatics Commerce, Fanatics Collectibles, and Fanatics Betting & Gaming, allowing sports fans to Buy, Collect, and Bet. Through the Fanatics platform, sports fans can buy licensed fan gear, jerseys, lifestyle and streetwear products, headwear, and hardgoods; collect physical and digital trading cards, sports memorabilia, and other digital assets; and bet as the company builds its Sportsbook and iGaming platform. Fanatics has an established database of over 100 million global sports fans; a global partner network with approximately 900 sports properties, including major national and international professional sports leagues, players associations, teams, colleges, college conferences and retail partners, 2,500 athletes and celebrities, and 200 exclusive athletes; and over 2,000 retail locations, including its Lids retail stores. Our more than 22,000 employees are committed to relentlessly enhancing the fan experience and delighting sports fans globally.