Associate Lead, Regulatory Security Analyst

Scopely is looking for an Associate Lead, Regulatory Security Analyst to join our Enterprise Technology team in the United States working on a remote basis.

At Scopely, we care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues, or through our deep connections with our communities of players. We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily. 

TheEnterprise Tech/Ops team keeps everything behind the scenes running smoothly and we make sure all teams are equipped and connected - whether across the office or halfway around the world. 

What You Will Do 

The Associate Lead, Regulatory Compliance, is responsible for overseeing the continuous execution and monitoring of Scopely’s regulatory and security compliance obligations within our rapidly expanding, global gaming environment.

This role focuses on regulatory program oversight, structured monitoring, and governance execution to ensure Scopely consistently meets its formal compliance commitments. This is achieved through structured oversight, continuous monitoring, and disciplined governance across teams, systems, and vendors.

This role requires close partnership with the Security Officer, Legal, HR, IT, Product, and Data teams to maintain continuous compliance with all regulatory and national security commitments.

• Lead oversight of compliance with U.S. foreign investment and privacy regulations, advising internal teams and ensuring regulatory requirements are implemented consistently and effectively
• Monitor adherence to the National Security Agreement Cybersecurity Plan, privacy and related regulatory requirements, ensuring controls operate as designed and deviations are promptly addressed
• Oversee regulator-facing communications and required notifications, including non-objection submissions, storage and vendor updates, incident reporting within defined timelines, and annual compliance reporting
• Maintain and manage security compliance documentation, ensuring updates are accurate, timely, and regulator-ready
• Track and monitor role-based access controls for sensitive data, including onboarding/offboarding processes, privilege drift reviews, and third-party access
• Oversee security compliance training for relevant personnel
• Coordinate and support third-party assessments, regulatory reviews, and audit activities
• Maintain structured documentation and evidence repositories to ensure audit readiness at all times
• Identify gaps or process improvements and drive enhancements to strengthen governance and monitoring mechanisms
• Partner with IT and Engineering to ensure monitoring, logging, and segregation controls align with regulatory expectations

What We’re Looking For 

• 6+ years of experience in cybersecurity governance, regulatory compliance, risk management, or related security oversight roles
• Experience supporting structured regulatory frameworks or government oversight programs
• Strong understanding of identity governance, role-based access controls, least privilege principles, and vendor risk oversight
• Experience managing regulatory reporting timelines and structured compliance documentation
• Experience managing annex-style documentation frameworks or formal regulatory filings
• Demonstrated ability to coordinate audits, assessments, and regulator-facing engagements
• ​​Experience leveraging or building AI-enabled tools to enhance GRC processes, including developing AI assistants or automation workflows to improve regulatory monitoring, documentation, and control oversight.
• Strong written communication skills with the ability to draft clear, defensible regulatory communications
• Experience working cross-functionally with Legal, HR, Engineering, and Executive stakeholders
• Strong program management and organizational skills with attention to detail
• Ability to operate independently in a high-accountability environment
• Familiarity with NIST or ISO aligned cybersecurity control framework

Bonus Points 

• Advanced degree or relevant certificat