The role of the Flutter UK&I Data Protection & Compliance Office is to support, advise and monitor the UK&I Division’s delivery of its objectives across it brands in a manner that complies with data protection obligations. The office is responsible for the Division’s data protection framework, governance and operations, which enables the Division’s compliance with legal and regulatory obligations, and Flutter Entertainment internal policy.
Reporting to the Head of Department, the Senior Manager GRC will play a meaningful role in ensuring appropriate processes, systems and structures are in place to lead compliance with the UK&I Division’s data protection obligations.
Establishing and maintain data protection framework, policies, procedures and related documentation;
Working with colleagues in other geographical locations to enable the development of global standards, knowledge transfer, and guidelines.
Coordinate assurance activities across the three lines of defense, including internal audit, compliance testing, and external reviews, as required.
Develop assurance reporting that provides clear insight into control efficiency, risk trends, and systemic weaknesses.
Define and maintain control framework, mapping regulatory requirements.
Coordinate control design efficiency reviews and operating effectiveness testing.
Assessing risks and raising and reporting as required.
Horizon-scan regulatory developments and assess impacts on the risk and control environment.
Coordinating and being responsible for the data protection programme and projects.
Establish and maintain data protection KRIs, control metrics, and assurance dashboards.
Proactively resolving ad-hoc queries related to complex related analysis, acting as a proactive subject matter expert.
Developing materials, owning the rollout of training and awareness initiatives.
Establishing and maintaining positive relationships with key partners across the Division.
Line management of a team of two. Being a point of escalation on all data protection matters for more junior members of the team.
Extensive experience operating a second-line risk and assurance role within a GRC or risk management function.
Strong understanding of risk assessment methodologies and control testing.
Industry-recognised qualifications in data protection (CIPP/e, CIPM and/or CIPT qualifications through the International Association of Privacy Professionals (IAPP).
Degree, Master or equivalent level in Law, Business or similar field.
Excellent validated knowledge of data protection and e-privacy law in Ireland, UK and Europe
Previous experience of leading and mentoring teams.
Experience working with and running operations through data protection software platforms and strong MS office skills, in particular Excel, SharePoint and Powerpoint.
Confident working cross-functionally with all levels of management, internally and externally.
What we’ll offer you
£1,000 learning fund
Twice-yearly bonus (with part of it guaranteed!)
Pension contribution scheme
Private healthcare
Flexible ways of working – home or office, it’s your choice!
Access to thousands of Udemy courses
Invest via the Company Sharesave Scheme
16 hours paid volunteering time per year.
About Flutter UK & Ireland
Extraordinary starts here.
Flutter UK & Ireland unites a dozen brands, hundreds of teams and thousands of colleagues who create trusted entertainment for millions of customers every week.
With the likes of Paddy Power, Betfair and Sky Betting & Gaming in the fold, we’re the largest division of global entertainment giant Flutter and boast some of the most popular apps and games in UK and Ireland markets.
At Flutter UK&I, we can guarantee you that no two days will ever be the same — and you’ll have the chance to make a difference to your career, the industry, and your amazing colleagues.