This role is a key component of the security governance and assurance function within the InfoSec team. The role ensures security controls are defined and implemented by key partners across Betsson Group and includes maintaining a standard security control framework (ISO27001) captured in Betsson’s portfolio of security policies, procedures, and standards. Ultimately, this advisory role, carries the responsibility for all aspects of security governance, risk and compliance with a particular focus on security-related compliance and regulatory matters.

• Develop methods to monitor and measure security assurance and governance efforts.
• Maintain and uphold system ISO27001 and PCI-DSS assurance accreditation materials.
• Conduct technical security assessments of application, system or network, documenting the security posture and conformance to Betsson’s security control framework.
• Partake in security configuration reviews to ensure applications, networks and systems are compliant with policies and standards.
• Ensure policies, procedures, and standards are current whilst also developed, reviewed and updated periodically.
• Interface with external auditors in prepation for novel gaming license applications, and during ISMS audits by providing supporting evidence and coordinating meetings as necessary.
• Interface with various teams to manage information security related audits, findings and remediation actions.
• Maintain, follow-up and communicate the Security Risk Register together with internal stakeholders.
• Manage and maintain the Corrective Action Plan.
• Coordinate and participate in Business Continuity Table-top exercises .
• Participate in security due diligence assessments for new vendors or service providers.
• Participate in the Compliance Forum.
• Participate in the execution of a Security Awareness Programme.
• Act as a central point of reference for all matters concerning Security Governance, Risk and Compliance and act as an ambassador for good security governance.

• Knowledge of IT security within an infrastructure environment
• Knowledge of data privacy laws and regulations and the associated security controls required to meet compliance
• Proven knowledge of ISO27001 standard, NIST security standards, PCI-DSS requirements
• A first degree in a Computer Science related subject
• Industry standard certifications such as CISM/CISA are an asset
• 2/3+ years’ progressive experience in Security, Governance, Risk, Compliance or related professional area
• 2/3+ years’ experience working with enterprise security risk management frameworks and processes (e.g., ISO2700X, NIST, Cloud Security Alliance)
• 2/3+ years’ experience in facilitating and conducting security assessments related to PCI-DSS, ISO27001, NIST 800-53 and Cybersecurity Framework audits

• Proven ability to effectively prioritize and execute tasks in a high-pace environment
• Experience working with GRC systems and process planning
• Strong verbal and written communication skills with the ability to articulate and interpret legal obligations and security requirements
• Experience working with cross functional, sourced, or matrixed teams
• Strong negotiating, influencing and problem resolution skills
• Experience in business systems and process planning
• Knowledge of business environments, service requirements and hospitality culture particularly the gaming industry
• Ability to translate and map information security objectives into business strategies

Much like riding a rollercoaster, sometimes life at Betsson can be lightning fast with twists and turns but always FUN! Then again, what else would you expect from a business 75% millennial and 1700 strong, spread across 7 offices with 900 based out of our Malta HQ alone! We recognise it may not be for the faint-hearted, but if you’re a go-getter, initiator and adrenaline junkie, always striving to push the boundaries and challenge yourself, then you’ll fit right in.

If you are interested to learn more, please apply with your CV in English.

Check out the Betsson Group Blog to find out what our employees are talking about

By submitting your application, you understand that your personal data will be processed as set out in our Privacy Policy