Hard Rock Digital
Hard Rock Digital

Cybersecurity Risk Analyst

otherfulltime-permanentRemote job
SALARY
Not listed
WORK TYPE
remote
JOB TYPE
fulltime-permanent
INDUSTRY
gaming
Apply for this position
✦ AutoApply Let us apply to roles like this on your behalf.
Learn more

About the role

What we're building

Hard Rock Digital is a team focused on becoming the best online sportsbook, casino, and social gaming company in the world. We're building a team passionate about learning, operating, and creating innovative products and technologies for millions of consumers. We care about each customer interaction, experience, behavior, and insight and strive to ensure we always act authentically. Rooted in the kindred spirits of Hard Rock and the Seminole Tribe of Florida, Hard Rock Digital taps into a brand known worldwide as a leader in gaming, entertainment, and hospitality. We're bringing that legacy into the digital space - ready to join us?

What's the position?

We are seeking an experienced Cybersecurity Risk Analyst to join the Security Risk Management (SRM) team at a leading US online gaming platform. Reporting to the Director of SRM, this role is critical in protecting our cloud-based gaming infrastructure, customer data, and financial systems while ensuring compliance with gaming regulations and industry standards. This role goes beyond traditional GRC. Our SRM team operates an AI-augmented Integrated Management System (IMS) built on ISO 27001 PDCA principles, where agentic AI tooling and its ecosystem of security skills are core to daily workflow. You will bring strong risk management fundamentals and the ability to leverage AI tools to accelerate risk assessment, compliance evidence gathering, policy development, and executive reporting. We need someone who can hit the ground running with our AI-driven approach and actively identify new ways to apply AI across all SRM use cases. This role is crucial for proactively managing technology risks and maintaining a strong security posture in an evolving threat landscape. You will combine strong technical knowledge with business acumen and AI fluency to effectively communicate and manage risks across all organizational levels.

What Sets This Role Apart

This is not a traditional GRC analyst position. You will work in an environment where:

  • AI is core tooling. AI agents and our ecosystem of 50+ security-specific skills are how we draft policies, gather audit evidence, validate compliance, assess vendors, and produce executive reports
  • Live data powers AI workflows. MCP servers connect our AI agents directly to GRC, security monitoring and defence, communications, and threat intelligence tools, enabling real-time compliance queries and automated evidence collection rather than manual data gathering
  • Our documentation lives in code. Our Integrated Management System is a git repository structured around ISO 27001 PDCA, not a collection of Word documents in SharePoint
  • You will shape how AI is used. Beyond using AI tools, you will help define AI governance for the organization and continuously improve how AI supports SRM operations
  • Gaming adds complexity. Multiple jurisdictional gaming commissions, GLI certification, and real-time financial systems create a uniquely challenging regulatory environment

If you thrive at the intersection of security risk management and AI-driven productivity, and you are excited about pushing the boundaries of what AI can do for GRC, we want to hear from you.

What You'll Do

Risk Assessment and Management

  • Conduct comprehensive risk assessments of cloud infrastructure, gaming applications, CI/CD pipelines, DevOps processes, payment processing systems, and all other aspects of internal technology operations
  • Develop and maintain risk registers, threat models, vulnerability and threat management programs, and risk treatment plans across eight enterprise risk categories
  • Perform quantitative and qualitative risk analysis using industry-standard methodologies (ISO 27005, ISO 31000, NIST RMF)
  • Evaluate third-party vendor security risks and assess supply chain vulnerabilities using structured TPRM frameworks
  • Leverage AI tools to accelerate risk identification, analysis, and reporting workflows

Risk Mitigation and Control Implementation

  • Develop and rec
✦ Let us apply for you
We find roles like this and apply on your behalf. Cover letter written for each one. Plans from $15/mo. Cancel anytime.
Get AutoApply
Apply now
Cybersecurity Risk Analyst at Hard Rock Digital — Remote