Job Specifications
Are you a GRC specialist? Want to play a crucial role in the development, implementation, and management of the Jagex's Governance, Risk, and Compliance (GRC) framework? Want to do that for one of the worlds leading online games companies?
This position will report to the Director of Cyber Security to ensure the company's information security policies and practices align with both industry regulations and internal strategic objectives, particularly focusing on supporting game development processes.
This is an opportunity
What you'll be doing{{:}
}GRC Framework Development{{:
}
} Develop and implement a comprehensive GRC framework that aligns with industry standards such as ISO 27001, NIST CSF, PCI-DSS, and GD
P
R Manage and update the information security policies, ensuring they are current and relevant to evolving ris
k
s Ensure alignment with legal, regulatory, and contractual obligations specific to the game development indust
r
y Oversee the creation, implementation, and regular review of security policies, standards, and procedur
e
s Collaborate with business units to ensure that policies are understood, accessible, and appropriately enforc
e
d Risk Management{{
:
}} Identify, assess, and manage technical and non-technical security risks associated with game development, live operations, and supporting infrastruct
u
re Develop risk treatment plans, work with game development teams to mitigate identified risks, and track remediation effo
r
ts Compliance & Audit Management{
{
:}} Lead internal and external audits for compliance certifications, ensuring successful completion with minimal business disrup
t
ion Manage the lifecycle of compliance initiatives such as PCI-DSS, GDPR, and other regional requirements affecting game development operat
i
ons Stay informed of industry trends and changes in regulations that may impact security compliance eff
o
rts Training & Awareness{
{:}} Develop and deliver a security awareness program that targets various departments, with an emphasis on secure coding and game development prac
t
ices Ensure continuous education across the company on security policies, risks, and compl
i
ance Vendor & Third-Party Risk Management
{
{:}} Evaluate the security posture of third-party vendors and partners, ensuring their practices align with the company's security po
l
icies Oversee the third-party risk management process, conducting vendor security assessments and managing associated
risks What you'll nee
d
{{:}} Extensive experience in a GRC role within the gaming, technology, or software development ind
u
stries Proven experience in managing security policies, risk assessments, and compliance programs (such as ISO 27001, PCI-DSS, GDPR
,
etc.) Knowledge & Skil
l
s{{:}} Deep understanding of governance, risk, and compliance processes as they relate to game dev
e
lopment Strong knowledge of security frameworks and standards like ISO 27001, NIST CSF, SOC 2,
a
nd GDPR Experience leading security audits and working with both internal and external
a
uditors Strong risk management skills, including conducting risk assessments, developing treatment plans, and overseeing remediation
efforts Excellent written and verbal communication skills, with the ability to convey complex security topics to technical and non-technical stak
e
holders Relevant security certifications such as CISA, CISM, CRISC, or ISO 27001 Lead Imp
l
ementer Soft Ski
l
ls{{:}} Strong leadership and project management abilities, with a track record of managing cross-functio
n
al teams High attention to detail, proactive in identifying risks, and a solution-oriented
approach Ability to thrive in a dynamic, fast-paced game development en
v
ironment What we o
ffer{{:}}When you join Jagex you can look forward to a generous Perks & Benefits package incl
u
ding{{:}} Private Healthcare, including
D
ental Plan Minimum 6% Pension co
n
tributions Employee Assistance Programme & onsite
C
ounselling Lif
e
Insurance Discretionary annual perfor
m
ance bonus Enhanced family leave policies
from day 1 Flexible wo
r
king hours 25 days annual leave + Bank holidays & the option to buy/sell holidays + so
much more! Please note that due to us approaching the Christmas & New Year break, we have many people among the hiring teams who are on annual leave or will be absent due to the studio closing over the holi
day period.This means that, in most cases, applications made during December are unlikely to proceed to interview until January 2025. We appreciate your patience during
this time. Collaboration is at the heart of Jagex. We love getting together with our teams to share ideas and
socialise.Flexibility really is the key to how we set up working schedules, we'll discuss your needs with you and be transparent about the working schedules of the team you'll be working with during our intervi
e
w process. About
Jagex{{:}}Make forever ga
mes with us.Jagex is a thriving international games company with a growing library of forever game IPs for core gamers. We have such huge expertise at running games for the long term that we re-define expectations for what evergreen success
looks like.We create spaces for our players to come together - with each other and with us - inside and outside of our games. We empower our players with real influence on the game's evolution. We help our players belong. Our community experiences give players a greater stake in what they're playing, creating loyal f
orever fans.These strengths inform our vision of our studio as a thriving international games company with a growing library of forever game IPs for core gamers. Our forever games will nurture sizable communities whose loyalty provides consiste
nt revenues.This in turn drives our mission{{:}} We create forever fans by empowering our community. We give players experiences worthy of their long-term time investment and actively collaborate with them to shape the games and the community fo
r the better.If this is something you want to be a part of,
get in touch.We have 500 of the industry's most talented individuals in our Cambridge studio; if you share our values and ambition, we'd love to talk to you. Worried you don't meet all the requirements in the spec? Your attitude, fresh perspective and experience is just as important to us; if you think this could be the perfect job for you
, let's talk.