Fanduel is hiring a
Security Third Party Risk Analyst

ABOUT FANDUEL

FanDuel Group (“FanDuel") is an innovative sports-tech entertainment company that is changing the way consumers engage with their favorite sports, teams, and leagues. The premier gaming destination in the United States, FanDuel consists of a portfolio of leading brands across gaming, sports betting, daily fantasy sports, advance-deposit wagering, and TV/media.

FanDuel has a presence across all 50 states with approximately 17 million customers and 28 retail locations. FanDuel is based in New York with offices in New Jersey, Georgia, California, Oregon, Canada and Scotland.

Its networks FanDuel TV and FanDuel+ are broadly distributed on linear cable television and through its relationships with leading direct-to-consumer over-the-top platforms.

FanDuel is a subsidiary of Flutter Entertainment plc, the world's largest sports betting and gaming operator with a portfolio of globally recognized brands and a constituent of the FTSE 100 index of the London Stock Exchange.

THE ROSTER…

At FanDuel, we give fans a new and innovative way to interact with their favorite games, sports and teams. We’re dedicated to building a winning team and we pride ourselves on being able to make every moment mean more, especially when it comes to your career. So, what does “winning” look like at FanDuel? It’s recognition for your hard-earned results, a culture that brings out your best work—and a roster full of talented coworkers. Make no mistake, we are here to win, but we believe in winning right. That means we’ll never compromise when it comes to looking out for our teammates. From creatives professionals to cutting edge technology innovators, FanDuel offers a wide range of career opportunities, best in class benefits, and the tools to explore and grow into your best selves. At FanDuel, our principle of “We Are One Team” runs through all our offices across the globe, and you can expect to be a part of an exciting company with many opportunities to grow and be successful.

THE POSITION
Our roster has an opening with your name on it

We are looking for a Security Third Party Risk Analyst in the  Security & Third-Party Due Diligence team. Our Security & Third-Party Due Diligence team has the unique opportunity and visibility to actively partner with departments across FanDuel Group taking a holistic view of the entire company and reducing risk. The Security & Third-Party Due Diligence Analyst will support the end-to-end third-party implementation process to ensure FanDuel’s vendors meet our security needs, including pre-contractual third-party security reviews, post-contractual controls & risk assessment to identify the required security controls and potential risks to remediate to ensure security on Day 1, and documenting any remaining risks in the security risk register for post implementation remediation.

THE GAME PLAN
 Everyone on our team has a part to play

• Conduct thorough security assessments of third-party vendors, suppliers, and partners to evaluate their compliance with established security policies, regulations, contracts, and industry best practices.
• Analyze and interpret third-party security assessment findings and provide recommendations and remediation plans to mitigate identified risks.
• Monitor and track third-party risk issues, ensuring timely resolution and appropriate risk mitigation actions are taken.
• Develop and maintain a comprehensive understanding of the organization's third-party risk management framework and standards.
• Ensure assessments within the company are in accordance with known industry frameworks (i.e., ISO, SCF, NIST, GLI-33).
• Collaborate with cross-functional teams, including legal, procurement, IT, and business units, to gather necessary information and ensure compliance with risk management processes.
• Stay updated with emerging trends, regulatory changes, and industry standards related to third-party risk management, and incorporate them into risk assessment processes and practices.
• Prepare and present reports, summaries, and metrics on third-party security assessments to stakeholders and senior management, highlighting key findings and recommendations.
• Assist in the development and enhancement of third-party due diligence policies, procedures, and frameworks to continually improve the effectiveness and efficiency of risk assessment processes.
• Provide training and guidance to internal teams on third-party risk management best practices and procedures.
• Provide a culture of risk awareness.

THE STATS
What we’re looking for in our next teammate

• Minimum of 3 years of experience in third-party risk management, vendor management, information security, IT auditing, or equivalent experience.
• Familiarity with risk assessment methodologies, frameworks, best practices, and the full breadth of cybersecurity domains, particularly as they pertain to third-party risk management.
• Knowledge of relevant regulations, standards, and frameworks related to third-party risk management, such as ISO 27001, NIST CSF, NIST SP 800-53, GDPR, GLI-33, and other industry-specific regulations.
• Experience conducting risk assessments of third-party vendors, suppliers, or partners, including evaluating their compliance with policies, procedures, and regulatory requirements.
• Strong analytical skills to identify and assess potential risks associated with third-party relationships, such as data security, operational vulnerabilities, and regulatory compliance.
• Ability to collaborate effectively with cross-functional teams, including legal, compliance, IT, and business units, to gather necessary information and ensure compliance with risk management processes.
• Excellent written and verbal communication skills, with the ability to prepare clear and concise reports, summaries, and documentation related to risk assessments.
• Detail-oriented mindset with the ability to analyze and interpret risk assessment findings and provide recommendations and remediation plans to mitigate identified risks.
• Strong organizational skills to monitor and track third-party risk issues, ensuring timely resolution and appropriate risk mitigation actions are taken.
• Familiarity with risk management software or tools used for tracking and managing third-party risks may be an advantage.
• Proactive attitude with the ability to stay updated on emerging trends, regulatory changes, and industry standards related to third-party risk management.
• Ability to work independently and as part of a team, with a focus on delivering high-quality results within established deadlines.
• Ability to easily adapt to a rapidly evolving, fast-paced, cyber security environment as it relates to changes in strategy.

PLAYER BENEFITS
We treat our team right
 
From our many opportunities for professional development to our generous insurance and paid leave policies, we’re committed to making sure our employees get as much out of FanDuel as we ask them to give. Competitive compensation is just the beginning. As part of our team, you can expect:

• An exciting and fun environment committed to driving real growth
• Opportunities to build really cool products that fans love
• Mentorship and professional development resources to help you refine your game
• Be well, save well and live well - with FanDuel Total Rewards your benefits are one highlight reel after another

FanDuel is an equal opportunities employer and we believe, as one of our principal states, “We Are One Team!”  We are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, creed, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, Veteran status, or another other characteristic protected by state, local or federal law. We believe FanDuel is strongest and best able to compete if all employees feel valued, respected, and included.  We want our team to include diverse individuals because diversity of thought, diversity of perspectives, and diversity of experiences leads to better performance.  Having a diverse and inclusive workforce is a core value that we believe makes FanDuel stronger and more competitive as One Team!

The applicable salary range for this position is $102,000 - $140,000 which is dependent on a variety of factors including relevant experience, location, business needs and market demand. This role may offer the following benefits: medical, vision, and dental insurance; life insurance; disability insurance; a 401(k) matching program; among other employee benefits. This role may also be eligible for short-term or long-term incentive compensation, including, but not limited to, cash bonuses and stock program participation.

This role includes flexible time off (including unlimited paid time off for full-time employees) and 14 paid company holidays. FanDuel offers paid sick time in accordance with all applicable state and federal laws."

#LI-Hybrid

Related jobs

Risk Analyst Kambi Manila

Third-Party Security Risk Analyst Mindbody Remote - Brazil

Lead Security Risk Specialist Hinge Health Bengaluru

Sr. Security Analyst – Enterprise Security Blink Health India