GRC Engineer

FanDuel
Full-time
Remote friendly (New York, New York, United States)
Worldwide
$116,000 - $145,000 USD yearly

ABOUT FANDUEL

FanDuel Group is the premier mobile gaming company in the United States and Canada. FanDuel Group consists of a portfolio of leading brands across mobile wagering including: America’s #1 Sportsbook, FanDuel Sportsbook; its leading iGaming platform, FanDuel Casino; the industry’s unquestioned leader in horse racing and advance-deposit wagering, FanDuel Racing; and its daily fantasy sports product.  

In addition, FanDuel Group operates FanDuel TV, its broadly distributed linear cable television network and FanDuel TV+, its leading direct-to-consumer OTT platform. FanDuel Group has a presence across all 50 states, Canada, and Puerto Rico.

The company is based in New York with US offices in Los Angeles, Atlanta, and Jersey City, as well as global offices in Canada and Scotland. The company’s affiliates have offices worldwide, including in Ireland, Portugal, Romania, and Australia.

FanDuel Group is a subsidiary of Flutter Entertainment, the world's largest sports betting and gaming operator with a portfolio of globally recognized brands and traded on the New York Stock Exchange (NYSE: FLUT).


THE POSITION
Our roster has an opening with your name on it

FanDuel is seeking a GRC Engineer to bring technical excellence to our Governance, Risk, and Compliance initiatives. You’ll focus on engineering solutions, automation, and integrations that support programs in Third-Party Risk Management (TPRM), Identity Governance & Administration (IGA), Technology Risk, and Business Continuity/Disaster Recovery (BCDR).

To be successful in this role, you’ll need to be curious, adaptable, and eager to solve complex challenges with code. You should thrive on working across technical domains, collaborating with peers, and finding innovative ways to embed GRC practices into real-world systems. Success means delivering reliable, scalable solutions that strengthen assurance and enable the business to move fast while staying secure.

In addition to the specific responsibilities outlined above, employees may be required to perform other such duties as assigned by the Company. This ensures operational flexibility and allows the Company to meet evolving business needs.


THE GAME PLAN
Everyone on our team has a part to play

  • Engineer automation and integrations that streamline GRC processes and reduce manual effort.
  • Implement solutions across TPRM, IGA, and BCDR, supporting vendor risk assessments, access recertifications, and resilience testing.
  • Build and maintain APIs and integrations between GRC platforms, IAM systems, and enterprise tools.
  • Automate control testing and monitoring to improve consistency, assurance, and speed of response.
  • Collaborate with engineers across technical domains to embed GRC requirements into infrastructure, applications, and cloud services.
  • Contribute to documentation and knowledge sharing for GRC tooling, integrations, and automated workflows.
  • Build and maintain automation using platforms like Tines and perform API integrations for evidence collection, assurance reporting, and user populations.
  • Support and advise engineering teams on “policy as code” approaches (e.g., using Rego/OPA or similar frameworks) to embed controls directly into engineering workflows, ensuring compliance and risk requirements are enforced at scale.
  • Stay current on evolving regulations and technologies, applying them to engineer sustainable solutions.
  • Support other critical GRC initiatives as assigned or needed, ensuring flexibility and responsiveness to business priorities.


THE STATS
What we're looking for in our next teammate

  • 5–7+ years of experience in Security Engineering or a Technical GRC function (candidates with strong technical ability and fewer years will be considered).
  • Strong coding/scripting skills (Python, JavaScript, PowerShell, SQL) and ability to integrate systems using APIs.
  • Experience building automation or integrations in enterprise environments.
  • Familiarity with GRC domains such as TPRM, IGA, and BCDR and associated toolsets, e.g., OneTrust, Zilla, Riskonnect, Anecdotes, or similar.
  • Knowledge of regulatory frameworks and control domains (SOX, SOC 2, PCI, GDPR, NIST CSF, ISO 27001).
  • Familiarity with AWS infrastructure and integration patterns.
  • Experience with automation and orchestration tools (e.g., Tines) and API integrations for evidence collection and monitoring is strongly preferred.
  • Experience with policy as code frameworks (e.g., Rego/OPA, CloudFormation Guard, Terraform Sentinel) a plus.
  • Strong collaboration and communication skills — able to work across functions and explain technical concepts clearly.
  • Innovative and adaptable mindset – comfortable learning quickly, adjusting to evolving regulations and technologies, and seeking out innovative approaches.
  • Pragmatic approach – focused on balancing compliance rigor with engineering realities in a fast-moving environment.
  • Preferred Certifications: CISA, CISSP, or CISM.


PLAYER BENEFITS
We treat our team right

We offer amazing benefits above and beyond the basics. We have an array of health plans to choose from (some as low as $0 per paycheck) that include programs for fertility and family planning, mental health support, and fitness benefits. We offer generous paid time off (PTO & sick leave), annual bonus and long-term incentive opportunities (based on performance), 401k with up to a 5% match, commuter benefits, pet insurance, and more - check out all our benefits here: FanDuel Total Rewards. *Benefits differ across location, role, and level.

FanDuel is an equal opportunities employer and we believe, as one of our principles states, “We are One Team!”. As such, we are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, creed, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, veteran status, or any other characteristic protected by state, local or federal law. We believe FanDuel is strongest and best able to compete if all employees feel valued, respected, and included.

The applicable salary range for this position is $116,000 - $145,000 USD, which is dependent on a variety of factors including relevant experience, location, business needs and market demand. This role may offer the following benefits: medical, vision, and dental insurance; life insurance; disability insurance; a 401(k) matching program; among other employee benefits. This role may also be eligible for short-term or long-term incentive compensation, including, but not limited to, cash bonuses and stock program participation. This role includes paid personal time off and 14 paid company holidays. FanDuel offers paid sick time in accordance with all applicable state and federal laws.

FanDuel is committed to providing reasonable accommodations for qualified individuals with disabilities. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please email Benefits@fanduel.com.

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

 
