InfoSec Governance Specialist
At Betsson Group, we strive to offer the best employee experience in the gaming industry and beyond. On becoming a Betssonite, an employee is instantly immersed in the One Betsson spirit and gets to work and collaborate with smart, creative, and talented individuals who are passionate about what they do. We offer an international, fun, and diverse environment with a strong company culture. We encourage work-life balance, drive innovation and a sense of belonging through our great leaders, and provide ample opportunities for growth and career development.
Betsson is both ISO27001:2013 and PCI-DSS certified, making this a core senior function within the Information Security Team. The InfoSec Governance Specialist role is a key component of the security governance and assurance function within the InfoSec team. The role ensures security controls are defined and implemented by key partners across Betsson Group and includes maintaining a standard security control framework (ISO27001) captured in Betsson’s portfolio of security policies, procedures, and standards. Ultimately, this advisory role carries the responsibility for all aspects of security governance, risk and compliance.
A taster of what you will be involved with
- Develop methods to monitor and measure security assurance and governance efforts
- Maintain and uphold system ISO27001 and PCI-DSS assurance accreditation materials
- Conduct technical security assessments of applications, systems or networks, documenting the security posture and conformance to Betsson’s security control framework
- Partake in security configuration reviews to ensure applications, networks and systems are compliant with policies and standards
- Ensure policies, procedures, and standards are current, and are developed, reviewed and updated periodically
- Interface with external auditors in preparation for and during ISMS audits by providing supporting evidence and coordinating meetings
- Interface with various teams to manage audits, findings and remediation actions
- Maintain, follow-up and communicate the Security Risk Register
- Manage and maintain the Corrective Action Plan
- Coordinate and participate in Business Continuity Table-top exercises
- Participate in security due diligence assessments for new vendors or service providers
- Participate in the Compliance Forum
- Participate in the execution of a Security Awareness Programme
Who we are looking for
- 2/3+ years’ progressive experience in Security, Governance, Risk, Compliance or related professional area
- 2/3+ years’ experience working with enterprise security risk management frameworks and processes (e.g., ISO2700X, NIST, Cloud Security Alliance)
- Knowledge of IT security within an infrastructure environment
- Knowledge of data privacy laws and regulations and the associated security controls required to meet compliance
- Proven knowledge of ISO27001 standard, NIST security standards, PCI-DSS requirements
- A first degree in a Computer Science related subject
- Proven ability to effectively prioritize and execute tasks in a fast-paced environment
- Experience working with GRC systems and process planning
- Strong verbal and written communication skills with the ability to articulate and interpret legal obligations and security requirements
- Experience working with cross functional, sourced, or matrixed teams
- Strong negotiating, influencing and problem resolution skills
- Experience in business systems and process planning
- Knowledge of business environments, service requirements and hospitality culture particularly the gaming industry
What we offer
Much like riding a rollercoaster, sometimes life at Betsson can be lightning fast with twists and turns but always FUN! Then again, what else would you expect from a business that is 75% millennial and 10% Gen X, with 60+ nationalities, and an equal opportunity employer where 40% of our workforce are women and growing? More than 2000 strong professionals spread across 13 offices with up to 1000 of them based in our Malta HQ alone, which is where you will be based for this role. Furthermore, we offer 10 days per year of remote work from any EU location.
We offer a hybrid working model which gives our Betssonites the best of two worlds: 2 days working from the office to connect and collaborate in person and 3 days working from home to reflect our employees' preference.
We recognise it may not be for the faint-hearted, but if you’re a go-getter, initiator, and adrenaline junkie, always striving to push the boundaries and challenge yourself, then you’ll fit right in.