Position at PokerStars
Our team is growing, and we are actively looking to hire a Senior Security Specialist
You will be a domain expert in cyber security and support the Manager, IT Security, GRC and Audit in stakeholder management by maintaining solid relationships with External/Internal Audit, Risk & Compliance, Privacy, IT Infrastructure and Operational Business Units. This senior role will provide overall strategic and tactical cybersecurity leadership to IT teams and business users in major project initiatives.
Are you our next star player?
You’ll be providing security advisory & consultation services for product/service acquisition, solution design, implementation and management of major IT systems, projects, initiatives, M&A, new product development. You will review and interpret requirements documentation, architecture diagrams and solution designs to help figure out feasibility of a project and its security risk. You will also lead the cybersecurity risk and control design reviews for application, process, operations, and overall enterprise initiatives.
Why we need you
Your responsibilities will include:
- Performing detailed and timely threat risk assessment (TRA) on applications, systems, processes and solution integrations, including cloud-based solutions and vendor services.
- Performing Static / Dynamic Application Security Testing (SAST/DAST) of internally developed source code, including 3rd party libraries and their dependencies.
- Performing Third Party Supplier Assurance and Risk Assessments.
- Providing feedback to and participate in the ongoing maturity of the risk assessment process.
- Providing effective and cost beneficial risk treatment strategies and facilitate remediation tasks with other operational teams.
- Defining, developing, implementing, and leading Security Policies, Standards & Procedures that mitigate risk and improve security, service availability, efficiency, and effectiveness.
- Working with various stakeholders and project teams to ensure the design and implementation of resilient security architecture and technologies for efficient threat protection, monitoring and incident response.
- Developing on-going technology risk reporting, supervising key trends, and defining security metrics to measure control efficiency, compliance and continuous improvement.
- Monitoring and advising on cyber security compliance related to IT to ensure internal security controls are functioning appropriately.
- Advising the organization about emerging cyber security threats, technologies, and related regulatory requirements.
- Consulting on regulatory compliance requirements, reporting and enquiries.
- Providing support and consultation for audits and assist with formulating management responses and appropriate remediation activities.
Who we’re looking for?
- A bachelor’s degree in Computer science, Computer Engineering or equivlent working experience.
- 7+ years in Cyber Security consultative roles, preferably within large/multi-national organization.
- Professional certification: Security certification of one or more of the following: CISSP, CCSP, CISA, CRISC, CISM, CGEIT.
- Experience with enterprise security platforms and architectural design. Strong preference to candidates with shown Cloud Computing experience.
- Experience working in Agile Framework a definite asset.
- Extensive cybersecurity consulting experience for large IT projects.
- Experience in assessing third party service providers
- Practical and deep knowledge of security risk management methodologies and frameworks.
- Solid understanding of cyber security concepts, protocols, industry best practices, strategies, frameworks and regulations such as International Standards Organization (ISO) 2700x, NIST Cybersecurity Framework, Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley (SOX).
- Familiarity with latest security vulnerabilities, advisories, incidents, penetration techniques, attack vectors, and countermeasures.
- Understanding of the Software Development Life Cycle and Development Operations (DevOps) principals.
- High degree of professionalism, work ethic, integrity and passion for Information Technology and Security
- Confirmed leadership skills and ability to build strong working relationships.
- Self-directed with ability to work independently, prioritize and execute autonomously.
- A great teammate with ability to communicate and collaborate effectively across the organization and operate optimally with multiple cross-departmental teams towards a shared goal.
- Strong problem solving and critical thinking skills.
- Demonstrated strong technical writing and communication skills.
What’s in it for you?
Our experience-based salaries are competitive. Plus, there’s a discretionary annual performance bonus.
Your package will include:
- health and dental insurance for you, your partner and your children (if you all live at the same address)
- a personal interest allowance to let you learn something new or pursue a hobby
- $1,900 as congratulations if you have a baby whilst you work for us
- discounts on local gyms, restaurants and events
- free snacks and catered lunch
- in-house training and development to develop your skills, progressing your career.
What happens next?
If you’re what we’re looking for, the next up will be a phone interview. And if that goes well, we’ll meet you for a face-to-face interview.
PokerStars is part of Flutter Entertainment Plc, a global sports betting, gaming and entertainment provider headquartered in Dublin and part of FTSE 100 index of the London Stock Exchange, which brings together exceptional brands, products and businesses and a diverse global presence in a safe, responsible and ultimately sustainable way.
We are an equal opportunity employer that values diversity. We do not discriminate on any protected characteristic as defined by applicable law.
We will look to provide reasonable accommodation for applicants with disabilities to participate in the job application or interview process. If you need assistance, please contact: [email protected]
Please note we cannot accept general applications; this inbox is just for providing support to those who need it.