About AMB Sports and Entertainment AMB Sports & Entertainment is part of the Blank Family of Businesses comprised of the National Football League’s Atlanta Falcons, Major League Soccer’s Atlanta United FC, Mercedes-Benz Stadium, AMBSE Ventures, and PGA TOUR Superstore.

Our Ideal Candidates

Actively Listen – Take an active role in listening by being present in the moment, using healthy body language, and ensuring joint understanding. When we read between the lines and hear what others are saying and what they are not saying, we encounter amazing opportunities to go the extra mile in serving them.

Collaborate – Realize that we are better together than we are alone. We achieve much better results when others have the opportunity to add their diverse perspectives. Be open to feedback and actively seek input from a variety of people at varying levels because the best ideas come from those who are closest to those we serve.

Engage in Servant Leadership – Put others ahead of yourself even when it’s difficult. Find opportunities to lead by example in the way you pitch in and help others. Giving back to others is at the heart of what we do.

Build Relationships – Cultivate trust in relationships by showing respect and sensitivity. Invest time in helping others to continuously improve by listening to their ideas and helping them to continuously improve.

Own Results – Own issues you encounter even when they are outside of your area of responsibility by taking action or seeking out the needed resolution. You are empowered and expected to take risks aimed at exceeding the expectations of our guests. Take advantage of this rare opportunity by utilizing available resources.

Position Summary

AMB Sports & Entertainment (AMBSE), LLC is seeking an governance, risk and compliance (GRC) analyst to assist in the maintenance of the organization’s overall technology and security GRC program.

The GRC Analyst will, in tandem with security leadership, oversee the organization’s security requirements and obligations mandated by standards and regulations such as the Health Information Portability and Accountability Act (HIPAA) and Payment Card Industry Data Security Standard (PCI DSS), as well as those mandated by the National Football League and Major League Soccer. The GRC analyst consistently assesses and validates the assurance of the security program by monitoring progress and guiding resolution of outstanding issues that may lead to non-compliance or security threats to the organization.

Required Knowledge, Skills & Abilities

  • Assist in the planning, creation and maintenance of policies addressing areas of security concern while balancing risk with business operations and not diminishing efficiencies or innovation.

  • Maintain documentation in a GRC related platform and organizational risk register.

  • Assist in oversight of third parties, vendors, and business partners to safeguard against undue risk presented by external entities. Escalate to security and business leadership when points of weakness are discovered.

  • Ensure business units and technology teams maintain up-to-date documentation for systems and processes. Maintain evidence of compliance with security requirements and obligations.

  • Document and communicate vulnerability status in a manner understood by technical and non-technical business units. Track and report on remediation based on risk tolerance and threat to the organization.

  • Assist in information security awareness program management. Track and report on end user compliance.

  • Act as a key participant in incident response to track occurrence and resolution, documentation, and reporting.

  • Participate regularly in project and change management meetings

  • Liaison with external auditors to maintain and implement controls for compliance and privacy laws.

  • Act as a point of contact for disaster recovery and business continuity.

  • Perform other duties as assigned.

Qualifications and Education Requirements

  • Bachelor’s degree in Information Assurance, Management Information Systems, Computer Science, or equivalent experience in a related field.

  • At least 3+ years’ experience in information technology, business systems or cybersecurity with exposure to various security requirements preferred.

  • Strong business acumen and technology skills for well-rounded proficiency, as well as proven ability to align with security practices and compliance responsibilities.

  • Exposure to various regulatory requirements and laws, including but not limited to PCI, HIPAA, GDPR and CCPA.

  • As a member of the information security team, the GRC analyst must focus on strong risk management and organizational resiliency, and not be driven solely by compliance.

  • Exceptional written and verbal communication skills, and ability to translate security and risk to all levels of the business.

  • Highly focused on building and implementing a strong, cohesive team and security culture.

  • Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.

Availability and Travel Required

  • Some infrequent travel may be required

  • Attendance of some evening and weekend events may be required