Hard Rock Digital

Technology

CybersecurityRiskAnalyst

Austin, United States; United Kingdom; Florida, United States FULL TIME Remote Friendly

The Brief

“Cybersecurity Risk Analyst at Hard Rock Digital. Skills: AI-augmented Integrated Management System, risk assessment, compliance, AI tools, ISO 27001. Conduct comprehensive risk assessments of cloud infrastructure, gaming applications, CI/CD pipelines, DevOps processes, payment processing systems, and all other aspects of internal technology operations. Develop and maintain risk registers, threat models, vulnerability and threat management programs, and risk treatment plans. Perform quantitative ”

What You'll Achieve.

Proactively managing technology risks and maintaining a security posture in an evolving threat landscape. Accelerate risk assessment, compliance evidence gathering, policy development, and executive reporting. Reduce manual effort across compliance, audit, and risk operations.

Industry & Context.

Technology

Problems you'll solve

risk treatment plans; risk mitigation strategies; security measures; risk reduction activities; AI governance; risk impact assessment; lessons learned; risk scenario planning

Eligibility Requirements

This role goes beyond traditional GRC. This is not a traditional GRC analyst position. You will work in an environment where AI is core tooling. Live data powers AI workflows. Our documentation lives in code. You will shape how AI is used. Gaming adds complexity.

What They're Looking For.

Must Have

Bachelor's degree in Computer Science, Information Security, Technology Risk Management, or related field. 3-5 years of experience in cybersecurity risk management, GRC, or IT audit within the technology industry. Demonstrated experience with risk assessment methodologies and frameworks (ISO 27005, ISO 31000, NIST RMF). Knowledge of security controls and their implementation across cloud environments. Experience with GRC platforms. Practical experience using AI/LLM tools in a professional security or risk management context.

Nice to Have

Relevant certifications and experience can substitute for formal education requirements. Vanta experience preferred.

What You'll Do.

Conduct comprehensive risk assessments of cloud infrastructure, gaming applications, CI/CD pipelines, DevOps processes, payment processing systems, and all other aspects of internal technology operations.

Develop and maintain risk registers, threat models, vulnerability and threat management programs, and risk treatment plans.

Perform quantitative and qualitative risk analysis.

Evaluate third-party vendor security risks and assess supply chain vulnerabilities.

Leverage AI tools to accelerate risk identification, analysis, and reporting workflows.

Develop and recommend risk mitigation strategies and security controls.

Collaborate with technical teams to implement security measures and monitor their effectiveness.

Track remediation efforts and verify risk reduction activities.

Create and maintain risk metrics and key risk indicators.

Ensure alignment with regulatory and industry requirements.

Support internal and external audits.

Maintain security policies, procedures, and risk management frameworks.

Contribute to AI governance activities.

Assist in developing and updating the organization's cybersecurity and AI governance strategy.

Use agentic AI tools with associated skills and agents as core productivity multipliers for risk analysis, policy drafting, compliance validation, and reporting.

Operate within a git-based Integrated Management System.

Work with Model Context Protocol (MCP) servers to connect AI agents to live data sources.

Identify opportunities to extend agentic automation.

Identify and develop new AI-driven approaches to SRM challenges.

Contribute to prompt engineering, skill development, and workflow optimization for AI tools.

Maintain awareness of AI security risks and participate in AI risk assessments.

Prepare risk reports and dashboards for management, audit committees, and gaming regulators.

Present risk findings and recommendations to technical and non-technical audiences.

Document risk assessment methodologies and maintain assessment artifacts.

Provide risk-based guidance for security strategy decisions.

Use AI tools to generate structured executive reports.

Participate in security incidents for risk impact assessment and lessons learned.

Participate in site reliability incident response activities.

Support business continuity and disaster recovery planning.

Conduct tabletop exercises and risk scenario planning.

How You'll Work.

Team & Collaboration

Collaborate with technical teams to implement security measures and monitor their effectiveness.

Communication Scope

communicate and manage risks; executive reporting; translate technical findings into business language

Free ATS check

Applying for this Cybersecurity Risk Analyst role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

ANONYMOUS · UNFILTERED

What do employees actually say about Hard Rock Digital?

Real rants from real employees. Read before you apply.

Read Company Rants →