Want to get hired at Fortis Games?

GRC Analyst

Fortis Games

HybridHybrid

Original Job Summary

Who We Are

At Fortis Games we aspire to make great games that bring people together while redefining how game companies work. We believe in building a sense of belonging through our games, their communities, and how we operate. We foster a culture of diversity, equity, and belonging where our diverse skills, experiences, and backgrounds impact the games we make.

Our early but mighty organization is led by game industry veterans. Here, you have the opportunity to significantly impact both our products and overall company direction. If you are passionate about tackling difficult problems with clear communication and a team-first mentality, you may be the right fit.

About The Role

The GRC Analyst will help maintain and improve our Governance, Risk and Compliance programs while supporting IT and InfoSec initiatives, assisting with risk assessments, and ensuring policies, standards, and controls are consistently applied. Your contributions safeguard our systems, manage compliance obligations, and strengthen our security posture.

What You Will Do

  • Use OneTrust modules such as ITRM, TPRM, EPM, and Compliance Automation to manage risks and track obligations.
  • Assist in the day-to-day operation of GRC programs across vulnerability management, risk and compliance, and third party risk management.
  • Conduct vendor and application security reviews and support treatment planning.
  • Coordinate role-based cybersecurity training and manage phishing simulations.
  • Help draft, review, and maintain cybersecurity policies, standards, and procedures.
  • Prepare and deliver GRC metrics for IT and InfoSec leadership.
  • Assist with audits by gathering evidence and mapping controls.
  • Conduct threat and risk assessments for both third party vendors and internal systems.

What You Will Need

  • Minimum 3 years experience in cybersecurity, IT risk, or GRC roles.
  • Experience with OneTrust ITRM, TPRM, EPM, and Compliance Automation.
  • Proven track record performing TRA assessments for vendors and internal systems.
  • Familiarity with NIST 800-53, ISO 27001, SOX, GDPR, SOC 1, and SOC 2.
  • Solid understanding of threats, vulnerabilities, and their business impacts.
  • Strong communication skills with ability to explain technical topics to non-technical audiences.
  • Proven ability to work effectively with internal teams and external vendors.
  • Self-motivated, detail-oriented, and comfortable in an ambiguous environment.

Why Join Us

Fortis Games is changing how game studios operate by creating games that build connected communities. We celebrate diversity, embrace inclusivity, and encourage growth. Join a seasoned team of industry veterans and help shape our future.

Key skills/competency

  • GRC
  • Cybersecurity
  • Risk Management
  • Compliance
  • OneTrust
  • Vulnerability Management
  • Policy Development
  • Risk Assessment
  • IT Security
  • Audit Support

How to Get Hired at Fortis Games

🎯 Tips for Getting Hired

  • Research Fortis Games culture: Study their mission, team, and projects online.
  • Customize your resume: Highlight cybersecurity and GRC experiences.
  • Emphasize OneTrust expertise: Detail your practical experience.
  • Prepare examples: Share specific risk assessment success stories.

📝 Interview Preparation Advice

Technical Preparation

Review OneTrust modules and related workflows.
Study NIST 800-53 and ISO 27001 standards.
Practice risk assessment case studies.
Update knowledge on compliance automation tools.

Behavioral Questions

Describe a challenging risk assessment experience.
Explain how you handle ambiguous situations.
Share a time of effective team collaboration.
Discuss communicating technical risks to non-technical peers.