Security Governance and Assurance Analyst - Flutter UKI, Hybrid

Cyber Security Analyst Mid 1

About Betfair Romania Development:

Betfair Romania Development is the largest technology hub of Flutter Entertainment, with over 2,000 people powering the world’s leading sports betting and iGaming brands. Exciting, immersive and safe experiences are delivered to over 18 million customers worldwide, from our office in Cluj-Napoca. Driven by relentless innovation and commitment to excellence, we operate our own unbeatable portfolio of diverse proprietary brands such as FanDuel, PokerStars, SportsBet, Betfair, Paddy Power, or Sky Betting & Gaming.

Our Values:

The values we share at Betfair Romania Development define what makes us unique as a team. They empower us by giving meaning to our contributions, and they ensure that we consistently strive for excellence in everything we do. We are looking for passionate individuals who align with our values and are committed to making a difference.

Win together | Raise the bar | Got your back | Own it | Positive impact

About Flutter UKI

Flutter UK & Ireland are the UKI region of Flutter Entertainment. They unite a dozen brands including powerhouses Paddy Power, Betfair, Tombola and Sky Betting & Gaming, bringing together hundreds of teams and thousands of colleagues, who create trusted entertainment for millions of customers every week.

Role Overview:

Reporting into the ISMS Policy Manager – UKI, the Security Governance and Assurance Analyst will be responsible for the day to day delivery of the tech workstream for Flutter UKI’s audits and assessments. This may include ISO 27001, Sarbanes-Oxley (SOX), NIST, PCI DSS in addition to other 2nd and 3rd line internal assessments. This position will work with stakeholders to ensure the regulatory demands upon the Tech teams are delivered, working closely with key internal and external stakeholders including auditors to ensure compliance.

The Security Governance and Assurance Analyst will independently manage the assessments, working with 2nd and 3rd line teams to ensure requests are sent out in a timely manner, evidence is received and meets the standard required for evidential assurance. They will facilitate conversations between 2nd and 3rd line stakeholders and Flutter UKI Tech teams and oversee the delivery of any remedial action.

The role will work closely with the ISMS & Policy Manager on the coordination of Compliance programmes and define and operationalise 1st line security controls and reporting within UKI. In addition, the role will help to drive the creation, review and adoption of InfoSec policies and standards.

The role requires a significant level of engagement across the UKI Infosec team and other stakeholders in the division & Group located in other European locations. There is therefore an expectation of some travel with this role, as required.

Key Accountabilities & Responsibilities:

Responsible for day-to-day delivery of Flutter UKI external compliance programmes, in particular ISO 27001, PCI DSS and SOX.
Responsible for facilitation of other second and third line audits e.g. NIST, Internal Audit, UKI Risk & Assurance assessments.
Assisting the ISMS & Policy Manager as required with the ISO 27001 audits and the creation, annual review cycle, withdrawal of policies and standards.
Understands the UKI Tech & Infosec principles and supports the team in delivering on these.

Skills, Capabilities & Experience Required:

Solid understanding of regulatory compliance frameworks such as PCI DSS, ISO27001, GDPR and Sarbanes-Oxley (SOX)
Experienced in successfully delivering and facilitating multiple projects / pieces of work simultaneously, re-prioritising as appropriate to meet deadlines with a pragmatic approach.
Understands risk management and has a sound understanding of how controls are implemented in line with business risk appetite & regulatory need
Can demonstrate the communication of technical matters to both tech/non-tech audiences, both internally and externally (auditors).
Can easily navigate internal/external audit & compliance engagements, along with supporting controls testing & evidencing requirements.
Ability to identify key issues & can communicate them to stakeholders leveraging colleagues as needed to find solutions.
Understand the people & cultural aspects to information security.
Assertive, results orientated and good attention to detail.

Benefits:

Hybrid & remote working options

€1,000 per year for self-development

Company share scheme

25 days of annual leave per year

20 days per year to work abroad

5 personal days/year

Flexible benefits: travel, sports, hobbies

Extended health, dental and travel insurances

Customized well-being programmes

Career growth sessions

Thousands of online courses through Udemy

A variety of engaging office events

Disclaimer:

We are an inclusive employer. By embracing diverse experiences and perspectives, we create a lasting, positive impact for our employees, customers, and the communities we’re part of. You don't have to meet all the requirements listed to apply for this role. If you need any adjustments to make this role work for you, let us know, and we’ll see how we can accommodate them.

We thank all applicants for their interest; however, only the candidates who best meet the job requirements will be contacted for an interview.

By submitting your application online, you agree that your details will be used to progress your application for employment. If your application is successful, your details will be used to administer your personnel record. If your application is unsuccessful, we will retain your details for a period no longer than three years, to consider you for prospective roles within the company.

Security Governance and Assurance Analyst - Flutter UKI, Hybrid

Related Jobs

Service Coordinator | Mental Health Case Manager

Housekeeper | Janitor

Maintenance Technician - Make Ready

Maintenance Technician - EPA Certified

Leasing Consultant - Alternative Schedule

Supplemental Sales Agent - Miami, FL