Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Conduct risk assessments and develop strategies to protect our gaming infrastructure and customer data.
- Company: Join Hard Rock Digital, a leader in online gaming, focused on innovation and customer experience.
- Benefits: Enjoy flexible work hours, competitive pay, and a startup culture within a global brand.
- Why this job: Be part of a passionate team shaping the future of digital gaming with a focus on security.
- Qualifications: Bachelor's degree in relevant fields and 3-5 years of cybersecurity or risk management experience required.
- Other info: We celebrate diversity and inclusivity, empowering you to bring your authentic self to work.
The predicted salary is between 36000 - 60000 £ per year.
Hard Rock Digital is a team focused on becoming the best online sportsbook, casino, and social gaming company in the world. We’re building a team that resonates passion for learning, operating, and building new products and technologies for millions of consumers. We care about each customer interaction, experience, behavior, and insight and strive to ensure we’re always acting authentically.
Rooted in the kindred spirits of Hard Rock and the Seminole Tribe of Florida, the new Hard Rock Digital taps a brand known the world over as the leader in gaming, entertainment, and hospitality. We’re taking that foundation of success and bringing it to the digital space — ready to join us?
What’s the position?
We are seeking experienced Cybersecurity Risk Analysts to join our security team at a leading US online gaming platform. This role is critical in protecting our cloud-based gaming infrastructure, customer data, and financial systems while ensuring compliance with gaming regulations and industry standards. The analyst role involves conducting risk assessments, developing risk management and mitigation strategies, supporting audit activities, and ensuring compliance with security policies and compliance requirements.
This role is crucial for our organization to proactively manage technology risks and maintain a strong security posture in an evolving threat landscape. The ideal candidate combines strong technical knowledge with business acumen to effectively communicate and manage risks across all organizational levels.
Key Responsibilities
Risk Assessment and Management
Conduct comprehensive risk assessments of cloud infrastructure, gaming applications, CI/CD pipelines, DevOps processes, payment processing systems, and all other aspects of internal technology operations.
Develop and maintain risk registers, threat models, vulnerability and threat management programs, and maintain risk treatment plans.
Perform quantitative and qualitative risk analysis using industry-standard methodologies (ISO 27005).
Evaluate third-party vendor security risks and assess supply chain vulnerabilities.
Risk Mitigation and Control Implementation
Develop and recommend risk mitigation strategies and security controls
Collaborate with technical teams to implement security measures and monitor their effectiveness
Track remediation efforts and verify risk reduction activities
Create and maintain risk metrics and key risk indicators (KRIs)
Compliance and Governance
Ensure alignment with both internal, regulatory, and industry requirements (state-specific gaming and privacy regulations, ISO27001, PCI-DSS, financial audits, etc.)
Support internal and external audits by providing risk documentation and evidence
Maintain security policies, procedures, and risk management frameworks
Assist in developing and updating the organization\’s cybersecurity strategy
Reporting and Communication
Prepare risk reports and dashboards for management and stakeholders
Present risk findings and recommendations to technical and non-technical audiences
Document risk assessment methodologies and maintain assessment artifacts
Provide risk-based guidance for security strategy decisions
Incident Response and Business Continuity
Participate in site reliability incident response activities, in particular post-incident reviews
Similarly participate in security incidents for risk impact and lessons learned
Support business continuity and disaster recovery planning
Conduct tabletop exercises and risk scenario planning
Job requirements
What are we looking for?
Education
Bachelor\’s degree in Computer Science, Information Security, Technology Risk Management, or related field
Relevant certifications can substitute for formal education requirements
Experience
3-5 years of experience in cybersecurity, risk management, or IT audit within the tech industry
Demonstrated experience with risk assessment methodologies and frameworks
Knowledge of security controls and their implementation
Experience with GRC tools
Technical Skills
Understanding of security technology concepts (firewalls, IDS/IPS, SIEM, vulnerability discovery, CI/CP pipelines)
Familiarity with cloud security (AWS, Azure, GCP)
Knowledge of network protocols and security architectures
Basic scripting abilities for automation
Certifications (Preferred)
CRISC (Certified in Risk and Information Systems Control)
CISA (Certified Information Systems Auditor)
CISSP (Certified Information Systems Security Professional)
CompTIA Security+ or CySA+
Soft Skills
Strong analytical and problem-solving abilities
Excellent written and verbal communication skills
Ability to translate technical risks into business impact
Detail-oriented with strong organizational skills
Ability to work independently and manage multiple projects
Additional Preferred Qualifications
Experience with specific GRC platforms (Vanta, OneTrust)
Knowledge of emerging threats and threat intelligence
Experience in cloud based technology organizations
Understanding of DevSecOps and agile methodologies
Experience in regulated industry sectors
What’s in it for you?
We offer our employees more than just competitive compensation. Our team benefits include:
Competitive pay and benefits
Flexible work from home or office hours
Startup culture backed by a secure, global brand
Opportunity help shape the future strategy of the Casino Product
Roster of Uniques
We care deeply about every interaction our customers have with us, and trust and empower our staff to own and drive their experience. Our vision for our business and customers is built on fostering a diverse and inclusive work environment where regardless of background or beliefs you feel able to be authentic and bring all your talent into play. We want to celebrate you being you (we are an equal opportunities employer)
#J-18808-Ljbffr
Security Risk Analyst employer: Hard Rock Digital
Contact Detail:
Hard Rock Digital Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Security Risk Analyst
✨Tip Number 1
Familiarise yourself with the specific risk assessment methodologies mentioned in the job description, such as ISO 27005. Being able to discuss these frameworks in detail during your interview will demonstrate your expertise and understanding of the role.
✨Tip Number 2
Showcase your knowledge of cloud security, particularly with platforms like AWS, Azure, or GCP. Prepare examples of how you've previously managed risks in cloud environments, as this is crucial for the position.
✨Tip Number 3
Highlight your experience with GRC tools, especially if you have worked with platforms like Vanta or OneTrust. This will set you apart from other candidates and show that you are well-versed in governance, risk, and compliance.
✨Tip Number 4
Prepare to discuss your soft skills, particularly your analytical and problem-solving abilities. Be ready to provide examples of how you've effectively communicated technical risks to non-technical stakeholders, as this is essential for the role.
We think you need these skills to ace Security Risk Analyst
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in cybersecurity, risk management, and IT audit. Use keywords from the job description to demonstrate that you meet the specific requirements for the Security Risk Analyst position.
Craft a Compelling Cover Letter: Write a cover letter that showcases your passion for cybersecurity and your understanding of the gaming industry. Mention specific experiences where you've successfully conducted risk assessments or implemented security controls.
Highlight Relevant Certifications: If you have certifications like CRISC, CISA, or CISSP, be sure to mention them prominently in your application. These qualifications are highly valued for this role and can set you apart from other candidates.
Showcase Soft Skills: In your application, emphasise your analytical abilities, communication skills, and attention to detail. Provide examples of how you've effectively communicated technical risks to non-technical audiences in previous roles.
How to prepare for a job interview at Hard Rock Digital
✨Understand the Role
Make sure you thoroughly understand the responsibilities of a Security Risk Analyst. Familiarise yourself with risk assessment methodologies, compliance requirements, and the specific technologies mentioned in the job description, such as cloud security and GRC tools.
✨Prepare for Technical Questions
Expect to be asked about your technical knowledge, especially regarding security controls, incident response, and risk management strategies. Brush up on key concepts like firewalls, IDS/IPS, and vulnerability management to demonstrate your expertise.
✨Showcase Your Soft Skills
Highlight your analytical and problem-solving abilities during the interview. Be prepared to discuss how you've effectively communicated technical risks to non-technical stakeholders in the past, as this is crucial for the role.
✨Ask Insightful Questions
Prepare thoughtful questions about the company's approach to cybersecurity and risk management. This shows your genuine interest in the role and helps you assess if the company culture aligns with your values.