Cyber GRC Engineer - Flutter Functions, Hybrid & Remote

Cyber GRC Engineer - Flutter Functions, Hybrid & Remote

Cyber Security Engineer Mid 1

About Betfair Romania Development​:

Betfair Romania Development is the largest technology hub of Flutter Entertainment, with over 2,000 people powering the world’s leading sports betting and iGaming brands. Exciting, immersive and safe experiences are delivered to over 18 million customers worldwide, from our office in Cluj-Napoca. Driven by relentless innovation and commitment to excellence, we operate our own unbeatable portfolio of diverse proprietary brands such as FanDuel, PokerStars, SportsBet, Betfair, Paddy Power, or Sky Betting & Gaming,

Our Values:

The values we share at Betfair Romania Development define what makes us unique as a team. They empower us by giving meaning to our contributions, and they ensure that we consistently strive for excellence in everything we do. We are looking for passionate individuals who align with our values and are committed to making a difference.

Win together | Raise the bar | Got your back | Own it | Positive impact

About Flutter Functions:

The Flutter Functions division is a key component of Flutter Entertainment, responsible for providing essential support and services across the organization. The division encompasses various corporate functions, including finance, legal, human resources, technology, and more, ensuring seamless operations and strategic alignment throughout the company.

Role Overview:

As a Cyber GRC Engineer, you will be responsible for supporting the design, implementation, and ongoing management of our GRC platform and our automated assurance framework. You will work closely with internal teams to ensure that the company adheres to industry standards, regulatory requirements and best practices related to cyber risk management and compliance. Your expertise will be key in integrating and maintaining cutting-edge tools that ensure our controls are automatically and continuously monitored. This role offers a unique opportunity to work closely with diverse teams, continuously optimising our systems to support our Governance, Risk, and Compliance (GRC) objectives.

Key Accountabilities & Responsibilities:

• Develop and integrate advancing tooling and technologies to ensure that security controls are effectively automated and continuously monitored.

• Ensure seamless implementation and configuration of toolsets with relevant internal systems and applications.

• Integrate automated assurance platform with relevant workflow tools such as Jira and Slack.

• Maintain and optimize the automated assurance toolset to ensure it operates efficiently and effectively.

• Manage regular updates and integrate new features as they become available.

• Implement automated solutions to mitigate potential threats and vulnerabilities.

• Continuously strive to identify opportunities for controls uplift and automation across both Cyber and the wider Technology infrastructure.

• Maintain high standards of security and risk management in line with relevant standards (NIST CSF, ISO 27001) by leveraging automation.

• Work with IT, security, risk and compliance, internal controls and audit teams to ensure the platform meets their needs.

• Train relevant staff on the use and benefits of the automated assurance tool.

• Monitor the effectiveness of automated controls, driving continuous improvements to maintain robust security and compliance.

• Create and maintain comprehensive documentation for the tool’s configuration, usage, and maintenance.

• Generate regular reports on the tool’s effectiveness and the organization’s compliance status.

• Utilise the tool to identify, assess, and mitigate cybersecurity risks.

• Generate automated risk reports and dashboards for management review.

Skills, Capabilities & Experience Required:

• Excellent problem-solving skills and the ability to analyse complex challenges

• Strong interpersonal and relationship-building skills

• Focused on developing knowledge and skills

• Self-motivated with a ‘get-out-there’ attitude focused on continuous improvement

• Strong focus on prioritisation and understanding trade-offs

• Willing to challenge the status quo

• Enjoy and comfortable within both individual and team environments

• Excels in fast-moving and dynamic environments

• Experience in integrating security tooling.

• Expertise in implementing automated assurance tools is desirable although not essential

• Knowledge of industry standards such as NIST CSF, ISO27001, or PCI-DSS is highly desirable.

• Proven experience in Cyber controls assurance (e.g. advisory, internal or external audit roles) is desirable although not essential

• Proficiency in scripting languages (e.g., Python, PowerShell) to automate processes and tasks.

• Ability to manage projects, including planning, execution, and monitoring

• Experience in working with technologies such as AWS, ServiceNow, Jira, Okta, Crowdstrike etc. is desirable

• Additional technical knowledge in AWS such as writing Lambda functions, creating AWS SCPs and CloudFormation templates as well as working with services such as Config and SecurityHub would also be advantageous

• Familiarity with GRC tools is an advantage

• Experience in performing proof of value (POV) exercises of Cyber security tooling is an advantage

Measure of Success:

• Automated Assurance Framework Roadmap defined and executed.

• ‘Out of the box’ plugins and bespoke integrations developed across our technology stack

• Clear processes for maintaining performance, monitoring reliability and driving continuous improvements on our GRC platforms

Benefits:

• Hybrid & remote working options

• €1,000 per year for self-development

• Company share scheme

• 25 days of annual leave per year

• 20 days per year to work abroad

• 5 personal days/year

• Flexible benefits: travel, sports, hobbies

• Extended health, dental and travel insurances

• Customized well-being programmes

• Career growth sessions

• Thousands of online courses through Udemy

• A variety of engaging office events                        

Disclaimer:

We are an inclusive employer. By embracing diverse experiences and perspectives, we create a lasting, positive impact for our employees, customers, and the communities we’re part of. You don't have to meet all the requirements listed to apply for this role. If you need any adjustments to make this role work for you, let us know, and we’ll see how we can accommodate them.

We thank all applicants for their interest; however, only the candidates who best meet the job requirements will be contacted for an interview.

By submitting your application online, you agree that your details will be used to progress your application for employment. If your application is successful, your details will be used to administer your personnel record. If your application is unsuccessful, we will retain your details for a period no longer than three years, to consider you for prospective roles within the company.