Cyber Risk Associate Manager

About us:
Flutter, the world's largest online sports betting and iGaming group listed on the London and New York stock exchanges, is home to the Southern Europe & Africa (SEA) region, featuring iconic brands like Sisal and PokerStars, a globally loved brand that embodies innovation and ambition, with significant growth potential in a dynamic market.

What you'll do:

• Join the team of Legal & Risk and in particular in the Information Security (CISO) reporting directly to Cyber Risk & Control Assurance Manager
• Have the opportunity to be involved in supporting the evaluation, implementation, and assurance of cybersecurity controls across the organization, ensuring that cyber risks are effectively identified, assessed, and mitigated through robust governance and assurance practices. You will collaborate across teams to ensure compliance with internal policies and external regulatory requirements, while fostering a culture of continuous control improvement. Main responsibilities:
• Identify, assess, and mitigate cybersecurity risks;
• Maintain a risk register and ensure risk assessments are conducted regularly;
• Define security controls to address identified threats and vulnerabilities;
• Ensure risk management processes are integrated across the organization;
• Evaluate the effectiveness of implemented controls and the posture across cybersecurity capabilities;
• Identify deficiencies and identify appropriate business stakeholders for deficiency remediation;
• Prepare reports and track remediation;
• Perform continuously monitor testing outputs within the GRC platform and the remediation of any failed tests;
• Provide input and review into any new control testing procedures;
• Identify third-party relationships and classify them based on criticality, data access, and service impact;
• Perform security due diligence before onboarding third parties;
• Conduct initial and periodic risk assessments based on the services provided;
• Perform continuous assessment about security control maturity (NIST CSF Framework);
• Manage GRC platform and report risks to Flutter Group Cyber;
• Define and maintain Key Risk Indicators and develop reporting dashboards.

What you'll bring:

• Proven experience (at least 3/5 years) in security risk management, security assessments, control framework definition, third party risk management
• A degree in Cybersecurity, Information Systems, Risk Management, Computer Science, or a related field.
• Previous experience in cyber risk management, IT audit or control assurance, preferably within a regulated industry (e.g., finance, healthcare, energy) or consultancy. Hands-on experience with control testing methodologies, GRC platforms, and audit/assessments lifecycle management.
• Excellent knowledge of cybersecurity frameworks (NIST CSF, ISO and risk assessment methodologies. Familiarity with regulatory and compliance standards, such as GDPR, SOX, NIS2 and PCI DSS.
• Ability to assess and identify risk in complex technical environments and communicate assurance findings to technical and non-technical stakeholders.
• Strong analytical, documentation, and reporting skills. Excellent interpersonal and project management skills with a strong attention to detail.
• Professional certifications such as CRISC, CISA, CISSP, or ISO 27001 Lead Auditor. Experience in cloud security assurance and third-party/vendor risk management is a strong advantage
• Fluency in english is required, with strong written and verbal communication skills.

Why choose us:

• Permanent contract with Hybrid Work;
• Meal Allowance;
• Supplemental Health Insurance;
• The option to join our company share saving scheme.

Choose us also for:

• An inclusive work environment and participate in all our initiatives focused on Diversity & Inclusion;
• Well-Being Support: online meditation courses, medical online service and counselling with the help of certified psychologists and coaches;
• Learning and Development: access a platform full of training courses, join workshops, conferences. Exploit our FlexiLearning program, which allows you to dedicate at least 4 working hours per month for your professional growth;
• Parental Leave Packages: additional support for you, children and financial aid for mothers;
• Volunteering during your working hours.

Much more about us:

• Have a look at our amazing blog Inside. Hear directly from our employees at the following link: Inside
• Reviews and comments from our Glassdoor and Indeed pages. Put yours

Equal Opportunity
Flutter is an Equal Opportunity Employer. Diversity and Inclusion are fundamental values for us. We welcome any candidate without distinction of age, culture, religion, ethnicity, sexual orientation, gender identity and expression.