JobMesh

Governance, Risk & Compliance, Analyst (Seasonal)

Major League Baseball · New York City, New York, US

Job description

The MLB Information Security team is looking for a GRC analyst to focus on governance, risk management, and compliance activities. The Analyst will assist with routine GRC activities, such as supporting audit preparation, conducting risk assessments and monitoring risk registers, and updating internal policies and procedures.

Responsibilities:

- Help implement MLB’s data privacy, governance, and risk management programs.
- Support the successful execution of PCI-DSS and SOC 1 Type II audits by reviewing evidence, coordinating with internal stakeholders, and maintaining audit readiness dashboards.
- Conduct comprehensive vendor security and compliance risk assessments, and support the team in providing recommendations for contractual security provisions.
- Implement and refine vendor risk review workflows, maintain vendor repository, and apply risk tiering based on data access and criticality within MLB’s TPRM tool.
- Track and manage risk acceptances and policy exceptions, ensuring proper documentation and regular review.
- Assist in responding to and fulfilling Data Subject Access Requests (DSAR), ensuring all requests are completed within the statutory timelines required by applic...