[Hiring] Associate Lead, Regulatory Security Analyst @Scopely

Role Description

The Associate Lead, Regulatory Compliance, is responsible for overseeing the continuous execution and monitoring of Scopely’s regulatory and national security compliance obligations within our rapidly expanding, global gaming environment. This role focuses on regulatory program oversight, structured monitoring, and governance execution to ensure Scopely consistently meets its formal compliance commitments. This is achieved through structured oversight, continuous monitoring, and disciplined governance across all teams, systems, and vendors.

This role requires close partnership with the Security Officer, Legal, HR, IT, Product, and Data teams to maintain continuous compliance with all regulatory and national security commitments.

• Lead oversight of compliance with U.S. foreign investment and privacy regulations, advising internal teams and ensuring regulatory requirements are implemented consistently and effectively.
• Monitor adherence to the NSA Cybersecurity Plan, privacy and related regulatory requirements, ensuring controls operate as designed and deviations are promptly addressed.
• Oversee regulator-facing communications and required notifications, including non-objection submissions, storage and vendor updates, incident reporting within defined timelines, and annual compliance reporting.
• Maintain and manage security compliance documentation, ensuring updates are accurate, timely, and regulator-ready.
• Track and monitor role-based access controls for sensitive data, including onboarding/offboarding processes, privilege drift reviews, and third-party access.
• Oversee security compliance training for relevant personnel.
• Coordinate and support third-party assessments, regulatory reviews, and audit activities.
• Maintain structured documentation and evidence repositories to ensure audit readiness at all times.
• Identify gaps or process improvements and drive enhancements to strengthen governance and monitoring mechanisms.
• Partner with IT and Engineering to ensure monitoring, logging, and segregation controls align with regulatory expectations.

Qualifications

• 6+ years of experience in cybersecurity governance, regulatory compliance, risk management, or related security oversight roles.
• Experience supporting structured regulatory frameworks or government oversight programs.
• Strong understanding of identity governance, role-based access controls, least privilege principles, and vendor risk oversight.
• Experience managing regulatory reporting timelines and structured compliance documentation.
• Experience managing annex-style documentation frameworks or formal regulatory filings.
• Demonstrated ability to coordinate audits, assessments, and regulator-facing engagements.
• Experience leveraging or building AI-enabled tools to enhance GRC processes, including developing AI assistants or automation workflows to improve regulatory monitoring, documentation, and control oversight.
• Strong written communication skills with the ability to draft clear, defensible regulatory communications.
• Experience working cross-functionally with Legal, HR, Engineering, and Executive stakeholders.
• Strong program management and organizational skills with attention to detail.
• Ability to operate independently in a high-accountability environment.
• Familiarity with NIST or ISO aligned cybersecurity control framework.

Bonus Points

• Advanced degree or relevant certifications (CISSP, CISM, CRISC, etc.).

Benefits

• Comprehensive benefits package, including healthcare benefits, retirement benefits, pet insurance, paid holidays, paid Scopely free days, and unlimited paid time off.

Salary Information

For candidates in CA, CO, NJ, NY, and WA, the annual salary range is provided below. In addition to base pay, employees may be eligible for equity and bonuses. Base pay offered may vary depending on job-related knowledge, skills, and experience.

• CA, CO, NJ, NY, and WA Annual Salary Range: $145,000 — $184,800 USD.