Senior Cyber GRC Controls Assurance Analyst - Flutter Functions, Hybrid & Remote

Senior Cyber GRC Controls Assurance Analyst - Flutter Functions, Hybrid & Remote

Cyber Security Analyst Mid 2

About Betfair Romania Development​: 

 

Betfair Romania Development is the largest technology hub of Flutter Entertainment, with over 2,000 people powering the world’s leading sports betting and iGaming brands. Exciting, immersive and safe experiences are delivered to over 18 million customers worldwide, from our office in Cluj-Napoca. Driven by relentless innovation and commitment to excellence, we operate our own unbeatable portfolio of diverse proprietary brands such as FanDuel, PokerStars, SportsBet, Betfair, Paddy Power, or Sky Betting & Gaming, 

 

Our Values: 

The values we share at Betfair Romania Development define what makes us unique as a team. They empower us by giving meaning to our contributions, and they ensure that we consistently strive for excellence in everything we do. We are looking for passionate individuals who align with our values and are committed to making a difference. 

Win together | Raise the bar | Got your back | Own it | Positive impact 

About Flutter Functions

The Flutter Functions division is a key component of Flutter Entertainment, responsible for providing essential support and services across the organization. The division encompasses various corporate functions, including finance, legal, human resources, technology, and more, ensuring seamless operations and strategic alignment throughout the company.

Role Overview: 

As a Senior Cyber GRC Controls Assurance Analyst reporting to the Senior Cyber GRC Controls Assurance Manager, you will play a key role in shaping the Flutter Cyber Security Assurance Program capability to provide second line oversight and ensure that our cyber and security and technology controls are protecting us against cyber security and tech risk across all businesses within the group.

Key Accountabilities & Responsibilities: 

• Using a defined assurance framework, perform assessments of the design and operational effectiveness of our technology and cyber security controls.
• Maintain accurate records of testing activity which can stand up to scrutiny, document the findings uncovered during the control assessment activities, support the control owners to plan remediation activities and track their progress.
• Identify unmanaged risks using the data from assurance assessments and provide recommendations and guidance on cyber security controls to the divisions.
• Building and maintaining relationships with all our businesses to become knowledgeable of their cyber security risks and controls.
• The value of your work will be used by multiple stakeholders, both at group level (e.g. Enterprise Risk, Internal Audit) but also within divisions (e.g. Directors of Security, CTOs, process and control owners).
• Use large amounts of data to build reports and insights
• Support the configuration of the tools used by the team, ensuring that they remain operational and are utilized effectively to support the assurance and reporting processes.
• Monitor emerging threats, regulatory changes, and industry standards to identify and propose enhancements to Flutter’s cyber risk posture and control environment.
• Partner with GRC teams across the group to ensure a unified and consistent controls assurance approach.
• Build strong relationships with cyber, technology, and business stakeholders to ensure controls assurance activities are embedded and effective.
• Maintain deep awareness of divisional risk profiles, control environments, and operating models.
• Promote a controls assurance-aware culture through thought leadership and practical engagement.

Skills, Capabilities & Experience Required: 

• Minimum 3 years’ experience in information security.
• Good understanding of cyber security risk and controls
• Knowledge of security related technologies and industry standard security processes; previous experience with security controls in AWS environments is a plus
• Capable of determining what good process and control outputs should look like
• Data analysis skills (tools such as excel and PowerBI), with a keen eye for detail
• An inquisitive and logical thinker who possesses investigative and analytical qualities that will translate into deploying techniques for assessment of cybersecurity controls effectiveness
• Results-oriented with pragmatic recommendations and guidance
• Awareness of current IT Security standards such as NIST, ISO 27001, PCI DSS
• Certifications such as CISA, ISO 27001 auditor, are a plus

• Awareness of the 3 lines of defence model, roles of second line/assurance functions and internal audit

• Able to adapt communication style and to appreciate different and opposing perspectives across multiple divisions  
• Excellent verbal and written communications skills with a flexible attitude and the ability to meet deadlines under pressure
• Strong English language abilities, capable of effective communication both orally and in writing

Interpersonal & Strategic Attributes

• Influential and Trustworthy: Builds strong, trust-based relationships with stakeholders across the business.
• Objective: Approaches challenges with neutrality and fairness, ensuring consistent, evidence-based decisions.
• Collaborative: Works seamlessly with cross-functional teams to deliver on shared objectives and business outcomes.
• Adaptable: Navigates diverse perspectives with flexibility to reach optimal outcomes.
• Strategic Thinking: Maintains a forward-looking mindset aligned with Flutter’s broader technology and business goals.
• Effective Communication: Proactively engages stakeholders, communicates with purpose, and helps influence change through insight and clarity.

Benefits: 

• Hybrid & remote working options 

• €1,000 per year for self-development 

• Company share scheme 

• 25 days of annual leave per year 

• 20 days per year to work abroad 

• 5 personal days/year 

• Flexible benefits: travel, sports, hobbies 

• Extended health, dental and travel insurances 

• Customized well-being programmes 

• Career growth sessions 

• Thousands of online courses through Udemy 

• A variety of engaging office events                         

 

Disclaimer: 

 
We are an inclusive employer. By embracing diverse experiences and perspectives, we create a lasting, positive impact for our employees, customers, and the communities we’re part of. You don't have to meet all the requirements listed to apply for this role. If you need any adjustments to make this role work for you, let us know, and we’ll see how we can accommodate them.  

We thank all applicants for their interest; however, only the candidates who best meet the job requirements will be contacted for an interview. 

By submitting your application online, you agree that your details will be used to progress your application for employment. If your application is successful, your details will be used to administer your personnel record. If your application is unsuccessful, we will retain your details for a period no longer than three years, to consider you for prospective roles within the company.