An exciting opportunity has opened up for a Security Governance and Assurance Analyst to join the team, initially as a 6-Month Fixed-Term Contract covering maternity leave.
Reporting into the Senior Governance & Assurance Manager – UKI, the Security Governance and Assurance Analyst will be responsible for the day to day delivery of the tech workstream for Flutter UKI’s audits and assessments. This may include ISO 27001, Sarbanes-Oxley (SOX), NIST, PCI DSS in addition to other 2nd and 3rd line internal assessments. This position will work with stakeholders to ensure the regulatory demands upon the Tech teams are delivered, working closely with key internal and external stakeholders including auditors to ensure compliance.
The Security Governance and Assurance Analyst will independently manage the assessments, working with 2nd and 3rdline teams to ensure requests are sent out in a timely manner, evidence is received and meets the standard required for evidential assurance. They will facilitate conversations between 2nd and 3rd line stakeholders and Flutter UKI Tech teams and oversee the delivery of any remedial action.
The role will work closely with the ISMS & Policy Manager on the coordination of Compliance programmes and define and operationalise 1st line security controls and reporting within UKI. In addition, the role will help to drive the creation, review and adoption of InfoSec policies and standards.
The role requires a significant level of engagement across the UKI Infosec team and other stakeholders in the division & Group, some of which are in multiple global locations. Therefore, there is an expectation of travel with this role, as required.
What you’ll do
Responsible for day-to-day delivery of some of Flutter UKI's external compliance programmes, which may include ISO 27001, PCI DSS and SOX.
Responsible for facilitation of some of our other second and third line audits e.g. NIST CSF 2.0, Internal Audit, UKI Risk & Assurance assessments.
Assisting the ISMS & Policy Manager as required with the ISO 27001 audits and the creation, annual review cycle, withdrawal of policies and standards.
Understands the UKI Tech & Infosec principles and supports the team in delivering on these.
What you’ll need:
Solid understanding of regulatory compliance frameworks such as Sarbanes-Oxley, PCI DSS, ISO27001, NIST CSF 2.0, GDPR.
Experienced in successfully delivering and facilitating multiple projects / pieces of work simultaneously, re-prioritising as appropriate to meet deadlines with a pragmatic approach.
Well versed in risk management and has a sound understanding of how controls are implemented in line with business risk appetite & regulatory need.
Can demonstrate the communication of complex technical matters to both tech/non-tech audiences, both internally and externally (auditors).
Can easily navigate internal/external audit & compliance engagements, along with supporting controls testing & evidencing requirements.
Ability to identify key issues & can communicate them to stakeholders leveraging colleagues as needed to find solutions.
Understand the people & cultural aspects to information security.
Assertive, results orientated and good attention to detail.
Competencies Required:
Hungry for Results : Achieves results at pace with energy and drive; consistently achieves and exceeds expectations; takes accountability and always delivers on what has been promised; action orientated, agile in approach, calls out when things go wrong; sets stretch goals and holds self and others to high standards of performance; demonstrates rigour and commitment to activities; always acts with integrity and invests in building trust with all stakeholders.
Wins Together : Is a team player- by working collaboratively is able to establish and engage networks to achieve shared objectives; acting as a key support whenever possible; effectively communicates and shares information to ensure others are fully informed; praises others for their contributions and accomplishments; gains trust and support of others.
Resilient: Maintains excellent composure and professionalism even in very difficult situations; confident under pressure, handles and manages crises effectively; bounces back from setbacks and acts as a role model for others; maintains a positive attitude despite adversity; skilfully handles challenges and obstacles applying insights from others and lessons learned from mistakes.
Game changer: Remains curious and generates new and useful ideas or solutions to solve challenges; is open to innovations and gets involved in unfamiliar tasks or new areas; learns new methods, tools and technologies and applies them to work.
Nimble : Quickly understands and adapts well to new and unfamiliar situations or challenges; consistently performs experiments to find the best solution; learns from others' experiences and shares lessons learned from own mistakes; is transparent about failure and views mistakes as opportunities to learn.
Quality decision maker: Considers all relevant factors and uses appropriate decision-making criteria and principles; takes smart, independent action in urgent and unusual situations; collaborates effectively to speed up decision making and clearly understands when to escalate to others; shares ideas and applies insights from experienced team members on how to address new situations; comfortable giving opinions and takes decisive action; strives for excellence.
Effective communicator: Is effective in a variety of communication settings; one-on-one, F2F, virtual meetings, small and large groups, or among diverse styles; actively listens to others and takes opinions and ideas on board; demonstrates humility in their dealings with others; provides timely and helpful information to others across the organisation.
What’s on offer
£/€1,000 learning fund
Twice-yearly bonus (with part of it guaranteed!)
Unlimited Holiday
Pension contribution scheme
Private healthcare
Hybrid Working
Access to thousands of Udemy courses
Invest via the Company Sharesave Scheme
About Flutter
Flutter is the world’s leading online sports betting and iGaming operator, with a market leading position in the US and across the world. Our ambition is to change our industry for the better, making use of our significant scale and challenger mentality.
By Changing the Game, we believe we can deliver long-term growth while promoting a positive, sustainable future for the industry. We are well-placed to do so through the distinctive, global advantages of the Flutter Edge, which gives our brands access to group-wide benefits to stay ahead of the competition, as well as our clear vision for sustainability through our Positive Impact Plan.
Flutter operates a diverse portfolio of leading online sports betting and iGaming brands including FanDuel, Sky Betting & Gaming, Sportsbet, PokerStars, Paddy Power, Sisal, tombola, Betfair, MaxBet, Junglee Games and Adjarabet.
About Flutter UK & Ireland
The UK & Ireland region of Flutter unites some of the biggest brands in the betting and gaming industry; Betfair, Paddy Power, PokerStars, Sky Betting & Gaming and tombola.
At Flutter UK & Ireland, we strive for the next level and drive innovation to set the pace as leaders, putting our customers first, always . We win together through team spirit and unparalleled dedication. When we’re free to be ourselves , we thrive and unleash our unique talents —creating a culture that empowers our people to change the game. We see opportunity everywhere and there is always more to discover...
We’re working to be an inclusive employer. We encourage people from all backgrounds, ways of thinking and working to apply. Everyone brings different perspectives and experiences; you don't have to meet all the requirements listed to apply for this role.
If you need any adjustments to make this role work for you let us know, and we’ll see how we can accommodate them.