Our team is growing, and we are actively looking to hire a Senior IT Security Assurance Specialist in our Sofia office!
The Senior IT Security Assurance Specialist will be responsible for ensuring technology controls are sufficiently protecting business risk, through the application of the Technology Risk & Control framework, and overseeing security policies, standards, guidelines and procedures.
This role will evaluate the design and effectiveness of controls protecting Flutter International external and internal networks, systems, applications, user access controls, mobile device applications as well as data coding standards.
- Participate in the development of new cyber security assessment and assurance practice services
- Conduct assurance testing on User Access Controls, Systems, Networks and Applications utilizing various security assessment tools and applications
- Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology / security threats against Flutter International business;
- Provide support to the group second line Cyber Security Assurance Program;
- Consult on Regulatory compliance requirements, reporting and questions;
- Provide support and consulting to the group third line internal and external audit function;
- Preparation and support for Audits by composing management responses and appropriate remediation activities;
- Contribute to the definition, development, and oversight of a global security management strategy and framework;
- Provide consultation and advice to partners on a broad range Technology Controls / Information Security programs / policies / standards and incidents for own specialized area;
- Support the on-going Technology Risk reporting, monitoring key trends and defining metrics by regularly measuring control effectiveness;
- Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise;
- Define / develop / implement / manage standards, policies, procedures, and solutions that mitigate risk and maximize security, availability of service, efficiency and effectiveness;
- Practical and deep knowledge of security risk management methodologies and frameworks;
- Extensive cybersecurity consulting experience for large IT projects;
- Experience in conducting assurance testing on User Access Controls (Identity and Access Management), Systems (Vulnerability Assessments) , Networks (Firewall policy reviews) and Applications (Static and Dynamic Application Testing);
- Experience in assessing third party service providers;
- Experience with enterprise security platforms and architectural design;
- Familiarity with latest security vulnerabilities, advisories, incidents, penetration techniques, attack vectors, and countermeasures;
- Strong understanding of cyber security concepts, protocols, industry best practices, strategies, frameworks and regulations such as International Standards Organization (ISO) 2700x, NIST Cybersecurity Framework, Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley (SOX).
- Understanding of the Software Development Life Cycle and Development Operations (DevOps) principals.
- Experience working in Agile Framework a definite asset.
- Demonstrated strong technical writing and communication skills.
PokerStars is part of Flutter Entertainment Plc, a global sports betting, gaming and entertainment provider headquartered in Dublin and part of FTSE 100 index of the London Stock Exchange, which...Read more