FanDuel Group is an innovative sports-tech entertainment company that is changing the way consumers engage with their favorite sports, teams, & leagues. The premier gaming destination in the United States, FanDuel Group consists of a portfolio of leading brands across gaming, sports betting, daily fantasy sports, advance-deposit wagering, & TV/media, including FanDuel, Betfair US, & TVG. FanDuel Group has a presence across 45 states & 8 million customers. The company is based in New York with offices in California, New Jersey, Florida, Oregon, & Scotland.
SUMMARY OF THE ROLE
Reporting to the CTO, VP Technology for Cyber Security is accountable for security excellence across product, infrastructure, workplace & end user computing through security assurance, policies, processes, risk management, technical compliance, data security, cyber threat management & security operations.
You will take a collaborative & pragmatic approach, leading a small team of security professionals, working with your peers & stakeholders within FanDuel Group as well as the wider Flutter organization to define the security strategy to achieve the most appropriate balance between security, pace of delivery & ease of use across our product & technology state, protecting our customers & employees data without compromising their experience.
In this role you will serve as primary point of contact for the Flutter Internal Audit & Risk functions as well as the Flutter Global Cyber Security team.
ESSENTIAL DUTIES AND RESPONSIBILITIES
- Drive the FanDuel Group global strategy for IT security, risk & compliance through evangelization & education of cyber security services by communicating the vision & value.
- Design, implement & maintain policies, procedures & controls necessary to ensure & protect the safety & security of all information system assets within the organization, including prevention of intentional or inadvertent access, modification, disclosure, or destruction.
- Partner with IT & Engineering professionals to implement solutions to satisfy security objectives across our consumer-facing product estate, workplaces & end user computing environments
- Manage & conduct independent risk assessments, vulnerability scans & penetration testing against our technology infrastructure, establishing key metrics & partnering with technology teams to ensure appropriate plans in place to address gaps
- Drive our technology risk management & compliance process across all locations & product verticals including PCI & regulatory compliance
- Monitor, gather & report on IT Security related incidents & provide regular activity reports.
- Work with internal audit & risk functions to identify, plan & implement remediations to continuously improve our security maturity
- Lead a team of security professionals to achieve the security strategy, attracting & retaining the best talent
REQUIRED QUALIFICATIONS AND ABILITIES
- One or more certifications in the security field, for example CISSP, CISM, CCISO
- Subject Matter Expert in conducting cyber security risk assessments against technology infrastructure
- Expertise with delivering security solutions following standards-based frameworks such as ISO 27000 series, NIST, COBIT or SANS with clearly defined controls & processes
- Experience in highly regulated environment such as finance, online gaming or healthcare & compliance assessment frameworks such as PCI, HIPAA, NIST, GLBA & SOX
- Expertise in public cloud (such as AWS, GCP, Azure), private cloud (VMWare, OpenStack) & physical data center environments across Windows & Linux operating systems, computer networking, routing, switching, firewalls
- Experience in security concepts related to DNS, routing, authentication, VPN & DDOS mitigation technologies
WHAT YOU GET IN RETURN
Beyond working with such a great team?
- An exciting environment with real growth
- Contribute to exciting products used by a highly passionate user base
- Personal learning & development opportunities
- Flexible vacation allowance
- Attractive health insurance premiums
There's more, but we don't want to go on & on.
FanDuel Group is an equal opportunities employer. Diversity & inclusion in FanDuel means that we respect & value everyone as individuals. We don't tolerate bias, judgement or harassment. Our focus is on developing employees so that they reach their full potential.