Senior GRC Cybersecurity Analyst – Remote (Full‑/Part‑Time) – $80,000 Yearly – arenaflex

About arenaflex

arenaflex is a global leader in entertainment and digital experiences, renowned for creating immersive worlds that delight millions of fans every day. With a legacy of innovation, arenaflex continuously invests in cutting‑edge technology, data‑driven storytelling, and robust security practices to protect its vast ecosystem of creative assets, customer data, and operational platforms. As the company expands its digital footprint, the need for world‑class Governance, Risk, and Compliance (GRC) expertise has never been greater.

Why This Role Matters

In today’s hyper‑connected environment, cyber threats evolve at lightning speed. arenaflex’s Cybersecurity & GRC team is the guardian of the organization’s digital trust, ensuring that every system, partner, and third‑party service aligns with rigorous risk‑management standards. As a Senior GRC Cybersecurity Analyst, you will be the linchpin that bridges business objectives with security controls, driving compliance, mitigating risk, and enabling the magic of arenaflex to flourish safely.

Role Overview

This remote position (flexible full‑time or part‑time) offers a competitive salary of $80,000 per year and the opportunity to work with a high‑performing, globally distributed team. Reporting directly to the Manager, Governance, Threat & Compliance, you will lead third‑party risk management (TPRM) initiatives, oversee internal compliance programs, and act as the primary liaison between business stakeholders and the security function.

Key Responsibilities

• Third‑Party Risk Management (TPRM): Operate arenaflex’s TPRM platform to assess, validate, and monitor risk associated with vendors, partners, and service providers.
• Collaborate with business owners to gather risk assessment requests, define scope, and ensure alignment with strategic objectives.
• Distribute, review, and score due‑diligence questionnaires; identify gaps in security controls and recommend remediation actions.
• Document findings, remediation plans, and final approvals in arenaflex’s compliance management system.
• Maintain a continuous tracking log of open risk items, ensuring timely closure and escalation when necessary.
• Develop and deliver risk‑assessment reports to senior leadership, highlighting trends, emerging threats, and improvement opportunities.
• Lead the creation and dissemination of compliance communications, training materials, and policy updates across the organization.
• Stay current with regulatory changes (e.g., ISO 27001, SOC 2, SSAE 18) and translate new requirements into actionable controls for arenaflex.
• Partner with internal audit, legal, and IT teams to support internal and external audit engagements.
• Identify and champion process improvements within the GRC framework to increase efficiency and effectiveness.

Essential Qualifications

• Bachelor’s degree in Information Security, Computer Science, Business Administration, or a related field (or equivalent professional experience).
• Minimum 4 years of hands‑on experience in third‑party risk management, information security, or audit & compliance.
• Demonstrated expertise with GRC tools and platforms (e.g., RSA Archer, ServiceNow GRC, or similar).
• Strong understanding of security frameworks such as ISO 27001, NIST, SOC 2, and SSAE 18.
• Proven ability to conduct qualitative and quantitative risk assessments and produce clear, actionable recommendations.
• Excellent stakeholder management skills with a track record of influencing cross‑functional teams.
• Superior analytical, problem‑solving, and presentation abilities.

Preferred Qualifications & Certifications

• Professional certifications such as CISA, CRISC, CISSP, ISO 27001 Lead Implementer, or equivalent.
• Experience working in a large enterprise or a Big‑Four consulting environment.
• Familiarity with AI/ML concepts as they apply to security analytics and risk automation.
• Hands‑on experience with cloud security controls (AWS, Azure, GCP) and related compliance requirements.

Core Skills & Competencies

• Communication: Clear, concise verbal and written communication; ability to translate technical risk concepts into business language.
• Collaboration: Strong interpersonal skills; comfortable navigating fast‑paced, matrixed environments.
• Adaptability: Ability to thrive in dynamic settings, adjust priorities, and manage shifting deadlines.
• Attention to Detail: Meticulous documentation and tracking of risk findings and remediation actions.
• Strategic Thinking: Ability to see the bigger picture, align security initiatives with corporate goals, and drive continuous improvement.

Career Growth & Learning Opportunities

arenaflex invests heavily in employee development. As a Senior GRC Analyst, you will have access to:

• Mentorship from senior security leaders and industry experts.
• Funding for professional certifications and advanced training.
• Opportunities to lead cross‑functional projects that influence global security strategy.
• Rotational programs that expose you to other security domains such as incident response, threat hunting, and security architecture.
• Regular knowledge‑sharing sessions, webinars, and conferences to keep you at the forefront of GRC best practices.

Work Environment & Culture at arenaflex

arenaflex fosters an inclusive, collaborative, and innovative culture where every voice matters. Our remote‑first policy empowers you to work from anywhere in the United States while staying connected through:

• Weekly virtual team huddles and quarterly in‑person meet‑ups.
• State‑of‑the‑art collaboration tools (Slack, Teams, Confluence) to keep communication fluid.
• Employee resource groups focused on diversity, sustainability, and community outreach.
• A supportive leadership team that values work‑life balance, mental health, and continuous feedback.

Compensation, Perks & Benefits

arenaflex offers a competitive total rewards package, including:

• Base Salary: $80,000 per year (flexible full‑time or part‑time arrangement).
• Health & Wellness: Comprehensive medical, dental, vision, and mental‑health coverage.
• Retirement Savings: 401(k) plan with company match.
• Paid Time Off: Generous vacation, holidays, and sick leave.
• Learning Stipend: Annual budget for courses, certifications, and conferences.
• Technology Allowance: Home‑office equipment stipend and high‑speed internet reimbursement.
• Employee Discounts: Access to arenaflex entertainment experiences and merchandise.
• Wellness Programs: Virtual fitness classes, mindfulness sessions, and ergonomic assessments.

How to Apply

If you are passionate about safeguarding digital experiences, thrive in a collaborative remote environment, and want to make a tangible impact on a world‑class entertainment brand, we want to hear from you. Please submit your resume, a cover letter highlighting your relevant GRC experience, and any supporting certifications through the link below.

Apply Now – Join arenaflex!

Closing Statement

arenaflex is committed to building a secure future where creativity can flourish without compromise. As a Senior GRC Cybersecurity Analyst, you will play a pivotal role in protecting the company’s most valuable assets while advancing your own career in a dynamic, supportive environment. Take the next step in your professional journey—apply today and become part of the magic that makes arenaflex unforgettable.