Governance, Risk & Compliance, Analyst (Seasonal)

The MLB Information Security team is looking for a GRC analyst to focus on governance, risk management, and compliance activities. The Analyst will assist with routine GRC activities, such as supporting audit preparation, conducting risk assessments and monitoring risk registers, and updating internal policies and procedures.

Responsibilities

• Help implement MLB’s data privacy, governance, and risk management programs.
• Support the successful execution of PCI-DSS and SOC 1 Type II audits by reviewing evidence, coordinating with internal stakeholders, and maintaining audit readiness dashboards.
• Conduct comprehensive vendor security and compliance risk assessments, and support the team in providing recommendations for contractual security provisions
• Implement and refine vendor risk review workflows, maintain vendor repository, and apply risk tiering based on data access and criticality within MLB’s TPRM tool. 
• Track and manage risk acceptances and policy exceptions, ensuring proper documentation and regular review. 
• Assist in responding to and fulfilling Data Subject Access Requests (DSAR), ensuring all requests are completed within the statutory timelines required by applicable privacy law. 
• Assist in drafting compliance policies, procedures, and playbooks on cybersecurity, privacy, confidentiality, and data protection topics.
• Develop and maintain KPIs and dashboards to measure the success of GRC programs and initiatives. 

Qualifications & Skills

• Completed a Master’s or Bachelor’s degree in Information Technology, Information Security, Cybersecurity, Computer Science, or a related field (i.e., Information Security, Risk Management, Compliance).
• Strong understanding of PCI v4.0.1 standards, global data privacy laws and regulations (e.g., GDPR, CCPA), IT control frameworks (e.g., NIST CSF, ISO 27001), and risk assessment methodologies
• Ability to gather and analyze considerable volumes of data from multiple sources and effectively summarize information into concise, well-written, objective reports and dashboards.
• Strong knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Pay Rate: $23.00-$30.00 per hour

The actual offer will carefully consider a wide range of factors, including your work experience, education, skills, and any other factors MLB considers relevant to the hiring decision

Why MLB?

Major League Baseball (MLB) is the most historic of the major professional sports leagues in the United States and Canada. Employees love working at MLB because of the culture of growth, teamwork, and professionalism. Employees who are most successful at MLB take initiative, know how to identify problems and provide solutions, and always put the Team first. For those ready to step up to the plate and join the major leagues, MLB takes the same approach as teams do with their players: empowering our “workforce athletes” to be at their best by engineering experiences that put employees in the best position to succeed. Major League Baseball is looking for candidates who are passionate about growing America’s pastime to best serve its fans for decades to come.

California Residents: Please see our California Recruitment Privacy Policy for more details.

Colorado Residents: Colorado based applicants may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.

Applicants requiring a reasonable accommodation for any part of the application and hiring process, please email us at accommodations@mlb.com. Requests received for non-disability related issues, such as following up on an application, will not receive a response.

Are you ready to Step Up to the Plate? Apply below!