Pulse Job logoPulse Job
HomeJobsBlogPricingContact
Pulse Job logoPulse Job

Trusted global job portal connecting talented professionals with top companies worldwide.

support@pulsjob.com

For Job Seekers

  • Browse Jobs
  • Premium Jobs
  • Create Profile
  • Pricing
  • Career Tips

For Employers

  • Hire someone
  • Employer Dashboard
  • Success Stories

Career Tools

  • AI Auto-Apply
  • Expert Resume Review
  • Set Job Alerts

Company

  • About Us
  • Contact
  • Blog

Support

  • FAQ
  • 14-Day Refund Policy
  • Privacy Policy
  • Terms of Service
  • Community Guidelines

Copyright © 2026 Pulse Job. All rights reserved.

FacebookTwitterLinkedInInstagram

Get the Pulse Job app for the best experience.

Disclaimer: Pulse Job is a platform connecting job seekers with employers. We do not guarantee employment or verify all employer claims. Users should exercise due diligence when applying for jobs or hiring candidates.

  1. Home
  2. Jobs
  3. Cybersecurity Staff Engineer

Cybersecurity Staff Engineer

Back to Jobs
National Basketball Association logo

Cybersecurity Staff Engineer

National Basketball Association

172,500–195,000 / Year

Location

Secaucus, USA - Remote

Experience

Senior

Posted

Jul 7, 2026

Apply by

August 6, 2026

Applicants

0

Early applicantFull-timeHybrid

Sign in to apply on web or download the app for more options.

Job Description

WORK OPTION: The NBA currently provides eligible employees the option of working remotely one day per week. \_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_ **Position Summary** We're looking for a seasoned Cybersecurity Staff Engineer to lead our Cyber Governance, Risk, and Compliance efforts — one of the most strategically critical functions in our security organization. This is a Director-level individual contributor role reporting to the AVP of Cybersecurity, sitting at the intersection of every cybersecurity practice area we operate. You won't just manage compliance programs — you'll be the connective tissue that brings structure, visibility, and accountability across our entire security landscape. Every cybersecurity organization generates signals — risks identified, controls tested, findings logged. But signals without synthesis are just noise. This role exists because our security towers are only as strong as the visibility and accountability that connects them. Without someone owning that connective layer, gaps persist, issues stall, and leadership is left making decisions without a complete picture. This role changes that. By bringing consolidated oversight to risk, compliance, and issue closure across every tower we operate, this role directly shapes our ability to protect fan data, honor our regulatory obligations across global markets, and maintain the trust of partners and stakeholders who expect a world-class security posture from a world-class organization. It's not a support function — it's a force multiplier. Operating within an international sports and entertainment league means our risk surface is anything but ordinary. Global events, broadcast partnerships, fan data at scale, and regulatory obligations spanning multiple jurisdictions make this a role for someone who thrives on complexity and can translate it into clarity. **Major Responsibilities** **GRC Integration & Unified Visibility** - Aggregate risk posture, control gaps, and issue status across all cybersecurity towers into cohesive dashboards and executive-ready reporting frameworks - Serve as the single point of GRC intelligence — translating disparate signals into a coherent organizational risk picture - Establish and maintain consistent metrics and KPIs that reflect compliance health across all towers **Issue Tracking & Risk Closure** - Own end-to-end issue lifecycle management — from identification through remediation — ensuring findings don't stall in handoff gaps - Build accountability mechanisms across tower leads and partner teams that keep risk closure on track without requiring direct authority - Ensure non-IT departments follow documented processes and help them address audit gaps - Escalate systemic issues and trend patterns to senior leadership with actionable recommendations **ISO 27001 Program Ownership** - Lead all aspects of ISO 27001 certification maintenance, including evidence collection, control mapping, audit readiness, and continuous improvement - Manage relationships with external auditors and certification bodies - Ensure the program remains audit-ready year-round, not just at certification time **SOC 2 Type II Compliance** - Contribute into our SOC 2 Type II program and lead compliance posture across applicable trust service criteria - Coordinate with engineering, IT, and operations teams to ensure controls are implemented, evidenced, and sustainable **Level 1 Cyber Risk Management** - Conduct and document Level 1 cyber risk assessments using established frameworks including NIST CSF and ISO 27001 - Maintain the enterprise cyber risk register, ensuring risks are properly rated, owned, and tracked toward resolution - Surface emerging risks tied to our industry — fan data systems, broadcast infrastructure, global event operations — with appropriate context for decision-makers **Cross-Functional Collaboration & Influence** - Partner with tower leads, IT, Legal, Privacy, and Procurement to align on risk priorities and drive coordinated remediation - Communicate policy and regulatory requirements in language that resonates with both technical practitioners and executive stakeholders - Operate as a trusted advisor across the organization — influencing outcomes without relying on org chart authority **GRC Tooling & Automation** - Identify opportunities to replace manual compliance effort with scalable automation through GRC platforms and integrations - Drive adoption and optimization of tools such as Drata, ServiceNow GRC, OneTrust, or equivalent platforms - Stay ahead of the tooling landscape and bring forward recommendations that improve program efficiency and coverage **Regulatory & Global Compliance Awareness** - Maintain working knowledge of regulations relevant to our global footprint — including GDPR, CCPA, and evolving data residency requirements across international markets - Support third-party and vendor risk review processes in coordination with Legal and Procurement, ensuring vendor relationships meet our compliance standards **Required Education/Professional Experience** - 7+ years of progressive experience in Cybersecurity GRC, Risk Management, or Compliance with exposure to both program ownership and cross-functional coordination - Demonstrated ability to manage across multiple security domains simultaneously without losing precision or accountability - Hands-on experience leading ISO 27001 certification programs and SOC 2 Type II compliance — you've owned audit cycles, not just supported them - Familiarity with one or more GRC platforms (Drata, ServiceNow, OneTrust, or comparable) - CISSP, CISM, or CRISC certification preferred - Experience in sports, entertainment, media, or other high-profile consumer-facing industries a plus **Required Skills/Knowledge Attributes** - Deep fluency in security and compliance frameworks — ISO 27001, NIST CSF, and CIS Benchmarks — and the ability to translate framework requirements into operational controls - Working knowledge of GDPR, CCPA, and data residency obligations across global markets, with the ability to assess their impact on program design and risk posture - Understanding of IAM principles and data protection methods (encryption, tokenization) sufficient to evaluate control effectiveness across security towers - Ability to develop and execute incident response coordination at the GRC level — ensuring compliance obligations are met when security incidents occur - Strong systems thinker who understands how risk and compliance data flows across tools, teams, and processes — and can identify where the gaps live - Skilled at identifying where automation can replace manual compliance effort, and credible enough to bring stakeholders along on the change - Excellent written and verbal communicator — equally effective presenting to a CISO and partnering with a technical tower lead - Proven influencer at the Director level and above, with a track record of driving accountability without direct authority - Familiarity with broadcast or live event infrastructure risk considerations a plus **Salary Range:** $172,500-$195,000 **Job Posting Title:** Director Employees currently are eligible to receive an annual discretionary performance bonus, awarded at the sole discretion of the Company and subject to any terms and conditions set by the Company. Employees and/or eligible dependents may be eligible to participate in the following Company-sponsored employee benefit programs: medical; dental; vision; life/AD&D insurance; short- and long-term disability; fertility and family-forming assistance; wellbeing allowance; educational assistance; mental health coaching/therapy; tax advantaged accounts such as HSA and healthcare/dependent care FSAs; a 401(k) retirement plan; and time off benefits that include vacation, sick time, and personal days. We Consider Applicants For All Positions On The Basis Of Merit, Qualifications And Business Needs, And Without Regard To Race, Color, National Origin, Religion, Sex, Gender Identity, Age, Disability, Alienage Or Citizenship Status, Ancestry, Marital Status, Creed, Genetic Predisposition Or Carrier Status, Sexual Orientation, Veteran Status, Familial Status, Status As A Victim Of Domestic Violence Or Any Other Status Or Characteristic Protected By Applicable Federal, State, Or Local Law. The NBA is committed to providing a safe and healthy workplace. To safeguard our employees and their families, our visitors, and the broader community from COVID-19, and in consideration of recommendations from health authorities and the NBA’s own advisors, any individual working onsite in our New York and New Jersey offices must be fully vaccinated against COVID-19. The NBA will discuss accommodations for individuals who cannot be vaccinated due to a medical reason or sincerely held religious belief, practice, or observance. **About the NBA** The National Basketball Association (NBA) is a global sports and media organization with the mission to inspire and connect people everywhere through the power of basketball. Built around five professional sports leagues: the NBA, WNBA, NBA G League, NBA 2K League and Basketball Africa League, the NBA has established a major international presence with games and programming available in 214 countries and territories in 60 languages, and merchandise for sale in more than 200 countries and territories on all seven continents. NBA rosters at the start of the 2024-25 season featured a record-tying 125 international players from a record-tying 43 countries. NBA Digital’s assets include NBA TV, NBA.com, the NBA App and NBA League Pass. The NBA has created one of the largest social media communities in the world, with more than 2.3 billion likes and followers globally across all leagues, team and player platforms. NBA Cares, the NBA’s global social responsibility platform, partners with renowned community-based organizations around the world to address important social issues in the areas of education, inclusion, youth and family development, and health and wellness.

Key Responsibilities

  • Aggregate risk posture, control gaps, and issue status into cohesive dashboards and executive reporting frameworks.
  • Serve as the single point of GRC intelligence, translating disparate signals into a coherent organizational risk picture.
  • Establish and maintain consistent metrics and KPIs reflecting compliance health across all security towers.
  • Own end-to-end issue lifecycle management from identification through remediation.
  • Build accountability mechanisms across tower leads and partner teams to keep risk closure on track.
  • Lead ISO 27001 certification maintenance, including evidence collection, control mapping, and audit readiness.
  • Manage relationships with external auditors and certification bodies.
  • Contribute to SOC 2 Type II compliance posture and coordinate with engineering, IT, and operations teams.
  • Conduct and document Level 1 cyber risk assessments using NIST CSF and ISO 27001 frameworks.
  • Maintain the enterprise cyber risk register, ensuring risks are properly rated, owned, and tracked.
  • Partner with tower leads, IT, Legal, Privacy, and Procurement to align on risk priorities.
  • Identify opportunities to replace manual compliance effort with scalable automation through GRC platforms.
  • Maintain working knowledge of GDPR, CCPA, and evolving data residency requirements.
  • Support third-party and vendor risk review processes in coordination with Legal and Procurement.

Skills Required

ISO 27001NIST CSFCIS BenchmarksGDPRCCPAData ResidencyIAMEncryptionTokenizationIncident ResponseGRC PlatformsDrataServiceNowOneTrustSystems thinkingCommunicationInfluenceAccountabilityCross-functional collaborationProblem solvingServiceNow GRCBroadcast infrastructure risk considerations

Benefits

  • Annual discretionary performance bonus
  • Medical insurance
  • Dental insurance
  • Vision insurance
  • Life/AD&D insurance
  • Short-term disability
  • Long-term disability
  • Fertility and family-forming assistance
  • Wellbeing allowance
  • Educational assistance
  • Mental health coaching/therapy
  • HSA
  • Healthcare/dependent care FSAs
  • 401(k) retirement plan
  • Vacation time
  • Sick time
  • Personal days

App exclusive · Free

Smart Job AI Coach

Your personal interview coach on every job — readiness tips, profile improvements, and role-specific prep. Available only in the Pulse Job app.

Interview readiness

See how prepared you are and what to improve for each role.

Personalized tips

Actionable suggestions based on your profile and the job.

After you apply

Keep coaching momentum from job detail through application success.

Get Smart Job AI Coach in the appFree on iOS and Android

Job Overview

Salary

172,500–195,000 / Year

Currency: USD

Job Type

Full-time

Experience

Senior

Location

Secaucus, USA - Remote

Application Deadline

August 6, 2026

Total Applicants

0

About National Basketball Association

National Basketball Association logo

National Basketball Association is a leading company in the Technology sector, known for innovation and employee-centric culture.

View Company

Similar roles for you

Matched using this role's title and skills. Open the job search anytime to see every listing.

Believe logo

Senior Cybersecurity GRC

Believe

Full-timeEasy applyHybrid
Paris·Senior·Jul 10
General Motors logo

Staff Software Engineer — AI for Developer Productivity

General Motors

147,000–196,600 / Year

Full-timeHybrid
Markham·Senior·Jul 10
Delivery Hero logo

Staff Security Engineer, GSOC

Delivery Hero

Full-timeHybrid
Berlin·Senior·Jul 7
Dragos logo

Staff Engineering Support Engineer

Dragos

76,000 / Year

Full-timeWork from Home
United Kingdom·Senior·Jul 7
Plaid logo

Staff Software Engineer - Data Governance

Plaid

207,600–273,600 / Year

Full-timeEasy applyWork from Home
San Francisco HQ·Senior·Jul 10
American Express logo

Cybersecurity Engineer III

American Express

103,750–174,750 / Year

Full-timeEasy applyHybrid
Phoenix·Mid·Jul 10
Browse all jobs