Senior Technology Risk & Controls Analyst - Flutter Functions, Hybrid

Senior Technology Risk & Controls Analyst - Flutter Functions, Hybrid

Cyber Security Analyst Mid 2

About Betfair Romania Development​:

Betfair Romania Development is the largest technology hub of Flutter Entertainment, with over 2,000 people powering the world’s leading sports betting and iGaming brands. Exciting, immersive and safe experiences are delivered to over 18 million customers worldwide, from our office in Cluj-Napoca. Driven by relentless innovation and commitment to excellence, we operate our own unbeatable portfolio of diverse proprietary brands such as FanDuel, PokerStars, SportsBet, Betfair, Paddy Power, or Sky Betting & Gaming.

Our Values:

The values we share at Betfair Romania Development define what makes us unique as a team. They empower us by giving meaning to our contributions, and they ensure that we consistently strive for excellence in everything we do. We are looking for passionate individuals who align with our values and are committed to making a difference.

Win together | Raise the bar | Got your back | Own it | Positive impact

Role Overview:

As a Senior Technology Risk & Controls Analyst reporting to the Technology Risk & Controls

Senior Manager (GRC) you will play a key role in Flutter Functions’ GRC team, supporting risk management and controls assurance activities as well as ensuring cyber security processes are documented, maintained and communicated as appropriate. You will partner with stakeholders across business, technology, and cyber functions to drive effective risk governance, controls management and support risk-aware decision-making, and ensure alignment with regulatory expectations, industry standards, and enterprise risk appetite.

Key Accountabilities & Responsibilities:

• Support the Senior Manager in the operation of the Cyber & Tech Risk Management strategy, aligned with the Group Cyber Risk management framework and Enterprise Risk Management Framework
• Facilitate risk and deficiency identification and documentation in the corresponding registers.
• Guide and support risk and deficiency owners in evaluating risks and deficiencies and selecting appropriate treatment strategies.
• Support the Senior Manager in planning and executing the annual controls assurance activities including both external and internal assessments.
• Coordinate with cross-functional teams to ensure alignment with security and technology policies and regulatory requirements.
• Contribute to continuous improvement in cyber and technology risk and control processes through innovative solutions.
• Guide junior staff in cyber and technology risk management practices.
• Support the Senior Manager with the maintenance and configuration of the GRC tools.
• Ensure periodic reviews and updates to the maintained registers.
• Present risk insights and updates to both technical and non-technical senior stakeholders.
• Support internal and external audits related to cyber and technology risk domains.
• Contribute to the ongoing improvement of risk frameworks, methodologies, and tools.
• Contribute to the maintenance and enhancement the Flutter Functions Controls Library to ensure accurate reflection of controls, to mitigate key risks across the division.
• Build strong relationships with cyber, technology, and business stakeholders to ensure risk-related activities are embedded and effective.
• Maintain deep awareness of Flutter Functions risk profiles, control environments, and operating models.

Skills, Capabilities & Experience Required:

• Minimum 3 years’ experience in information security.
• Experience in managing cyber and technology risks, including good understanding of assessment methodologies, controls, and mitigation strategies.
• Previous experience of using tools (such as GRC or service management ones) to operate risk management processes.
• Awareness of industry frameworks and standards (e.g., NIST, ISO 27001, PCI DSS, COBIT, ITIL)
• Cybersecurity and risk certifications such as CRISC, are a plus.
• Technical knowledge of security technologies and best practices.
• Awareness of the 3 lines of defence model, roles of second line/assurance functions and internal audit
• Demonstrated ability to communicate complex information clearly to diverse audiences.
• Strategic thinker with the ability to influence and drive change across varied business functions.
• Strong analytical and investigative mindset; able to provide objective, data-driven insights.
• Results-focused, with a pragmatic approach to risk mitigation and decision-making.
• Fluent in English with excellent written and verbal communication skills.
• Highly organized, methodical, and adaptable to a fast-paced, dynamic environment.

Interpersonal & Strategic Attributes

• Influential and Trustworthy: Builds strong, trust-based relationships with stakeholders across the business.
• Objective: Approaches challenges with neutrality and fairness, ensuring consistent, evidence-based decisions.
• Collaborative: Works seamlessly with cross-functional teams to deliver on shared objectives and business outcomes.
• Adaptable: Navigates diverse perspectives with flexibility to reach optimal outcomes.
• Strategic Thinking: Maintains a forward-looking mindset aligned with Flutter’s broader technology and business goals.
• Effective Communication: Proactively engages stakeholders, communicates with purpose, and helps influence change through insight and clarity.

Benefits:

• Hybrid & remote working options
• €1,000 per year for self-development
• Company share scheme
• 25 days of annual leave per year
• 20 days per year to work abroad
• 5 personal days/year
• Flexible benefits: travel, sports, hobbies
• Extended health, dental and travel insurances
• Customized well-being programmes
• Career growth sessions
• Thousands of online courses through Udemy
• A variety of engaging office events                        

Disclaimer:

We are an inclusive employer. By embracing diverse experiences and perspectives, we create a lasting, positive impact for our employees, customers, and the communities we’re part of. You don't have to meet all the requirements listed to apply for this role. If you need any adjustments to make this role work for you, let us know, and we’ll see how we can accommodate them.

We thank all applicants for their interest; however, only the candidates who best meet the job requirements will be contacted for an interview.

By submitting your application online, you agree that your details will be used to progress your application for employment. If your application is successful, your details will be used to administer your personnel record. If your application is unsuccessful, we will retain your details for a period no longer than three years, to consider you for prospective roles within the company.