Intermediate Information Security GRC Specialist

  • вработување
  • Скопје
  • Аплицирањето е завршено
Singular

Веб-страница Singular

Be Outstanding!

Are you a resourceful Information Security GRC Specialist who wants to work on award-winning software solutions? If so, you might be the next person to join the #SingularTeam!

Singular is an established brand in the iGaming industry developing award-winning solutions that stand out with their flexibility, reliability, and innovation. These three key aspects shape our competitive factor in the market. As of 2021, Singular is part of the biggest iGaming brand worldwide, Flutter Entertainment. The backbone of our success lies in using novel technologies & agile processes by our team of 160+ highly-skilled people.

 

Role Overview

The InfoSec GRC specialist will be part of the InfoSec Governance, Risk and Compliance (GRC), Compliance team, reporting to the Head of Technology Regulatory Compliance.  This role is focused on our international division and specifically the Singular and Pokerstars brands.

As part of the InfoSec GRC team, we need to ensure that we have Cyber controls in place to achieve the following outcomes.

  • We employ a best practice approach to managing Cyber risk.
  • We protect our regulatory and compliance responsibilities.
  • 100% of our most significant technology, regulatory license requirements are understood and tracked.
  • We have a sustainable, consistent Cyber controls assurance operation.
  • If controls fail, we take swift action to protect our players and we constantly hunt for threats
  • Robust, low friction controls ensure our players get a safe, secure and reliable experience.

It will be your job to understand the controls we have in place and to ensure we are meeting our technology-related compliance needs pertaining to the gambling and wagering sector. The Technology team provides services that cover twenty-five gaming/gambling licences offering Poker, Casino and Sports products across European and US markets. As the number of licenses and products increase, so do the technical requirements for each jurisdiction. This will include participation in the review and implementation of Technology controls to ensure compliance across all territories we are currently active in, creation of new and standardised processes into the business operating model, and documentation of roles and responsibilities across processes spanning multiple teams and functions.

Your role will include control processes assurance, control reviews, and identification of risks. You will play a BIG part in our growing Information Security Governance, Risk and Compliance team. You will have a strong focus on Technology Compliance, Cyber controls and assurance activities across both on-premises and Cloud/AWS environments. With a solid knowledge in well-known industry standards such as ISO 27001/2, NIST, ISF SoGP and CIS.


Duties and Responsibilities

  • Implement GRC (governance, risk, and compliance) processes to continuously monitor controls, exceptions and risks.
  • Take ownership of department and/or brand risk registers as required. Keep these up-to-date and maintained.
  • Assessments of effectiveness and efficiency of controls
  • Ownership of the ISMS control position and improvement programme for Singular
  • Performs control assessments and investigates any deficiencies.
  • Documents and reports control failures and gaps to stakeholders.
  • Creates control improvement plans and monitors remediation activities and progress against these.
  • Remains current on best practices and technological advancements.
  • You will have experience of managing and driving risk management and assurance/compliance reviews, audits and all aspects of Technology and IT security compliance.

Qualifications

  • Demonstrable experience of working in an Information security or IT compliance and assurance-related role.
  • Experience documenting technical controls and analysing risk.
  • Experience with complex online platforms and systems.
  • Excellent verbal and written communications skills with the ability to adapt communication style to proactively deliver critical information to senior stakeholders and to appreciate different and opposing perspectives.
  • Solid technical knowledge of security related technologies and industry standard processes across all Cyber Security risk areas.
  • Strong working knowledge and experience of current IT Security standards such as ISO 27001/2, CIS, AWS/CAF, PCI, NIST, ISF SoGP.
  • Inquisitive, disciplined, and logical thinker who possesses strong investigative and analytical qualities that will translate into providing independent and objective analysis of Cyber Security and Technology controls.
  • Results-oriented with the ability to influence outcomes with pragmatic recommendations and guidance.
  • A methodical approach to organising workload to ensure deadlines are met.
  • A proven team player who is willing to share knowledge and train colleagues, who is approachable and willing to assist.
  • A formal qualification such as CRISC, CISA, CISSP are desirable.
  • Experience working within a highly regulated industry. A definite advantage would be experience in the online gambling industry and experience of gambling regulatory requirements.

Benefits

  • Competitive compensation & benefits package;
  • Career and professional advancement;
  • Training and learning opportunities – Online Learning Portals, Public Lectures, Conferences;
  • Insurance package;
  • International work experience;
  • Travel opportunity;
  • Outstanding working environment;
  • Relocation Opportunity.

Why you should apply

We nurture a teamwork environment where ideas are communicated, and knowledge sharing is encouraged. We appreciate the talent and inspire constant self-improvement. We constantly search for progressive thinkers, creative doers, game-changers, visionaries, and groundbreakers who never settle for mediocrity.