Find a job

Cyber Security Third Party Supplier Assurance (TPSA) Analyst - 3718

Loading...
 

Cyber Security Third Party Supplier Assurance (TPSA) Analyst

  • Primary Location:
    Cluj - Napoca
  • Contract Type:
    Permanent
  • Employment Basis:
    Full-Time
Loading...

Flexible benefits of your choice

Learning and development opportunities

25 days annual leave

Customized wellbeing programs

Extended health and travel insurances

Top trending technologies

Share this page
Share with linkedin
Share with facebook
Share with twitter
Share with email

Who we are:

 

Betfair Romania Development is the development powerhouse behind the Paddy Power Betfair Group. We are in Cluj-Napoca since 2009, now employing over 900 highly skilled professionals who cover a wide range of tech and non-tech areas such as development, data, information security, infrastructure, product and project management, digital marketing or sports operations.

 

We work on delivering unrivalled products across the industry, therefore being a Center of Excellence not only amongst PPB's European offices, but also for supporting our colleagues at Sportsbet (AUS) and FanDuel (US) in creating a safe and excitement experience to our customers around the world.

 

At Betfair Romania Development, we know that an inclusive workplace makes for more engaged employees. As an industry leader, we continuously strive to maintain and grow a diverse and inclusive environment whilst also ensuring that we set the standards in ethical conduct and corporate responsibility.

 

Why Betfair?

 

Think Betfair. Experience Different.

It is no question that we, as a business, thrive on leveraging the power of people. We have a passion for innovation and a pace of change that creates a whirlwind of opportunities. At Betfair Romania Development, we believe in experiencing different. If you're tired of business as usual and want to create something new, you'll love it here. Quick-thinking, adaptable and disruptive, we believe the future is what you make it. Welcome to software development with a difference.

 

This our challenge:

 

  • Delivering product at scale for over 5 million customers, 99,9% of transactions in less than a second
  • Our systems process more than 7 million transactions every day (more than all the European stock exchanges combined)
  • Deliver high transitional products, serving more than 2.5Bn calls a day
  • Diverse and up to date technical landscape to explore, leverage and innovate
  • The products you'll develop will comply with ambitious uptime targets: less than 50 minutes downtime expected per year
  • Continuous Integration, Deployment and Testing

 

Role purpose:

The Flutter group relies on third-party suppliers to help facilitate the delivery of products and services to our customers; however, these relationships come with risk.  The Cyber Security TPSA Analyst will ensure that we maintain a safe and healthy relationship with suppliers via third-party risk management processes.

 

 

Accountabilities:

 

  • The Cyber Security TPSA Analyst must understand the cyber security risks posed by third parties working across with group and in context to the Flutter risk appetite.
  • The analyst will identify and assist with the management of third-party risk using established risk management processes both at group and divisional level.
  • Working within the third-party supplier engagement life cycle, the analyst will complete security assessments of new suppliers.
  • Perform continuous assessments of existing suppliers based on a risk-based selection process. This process involves reviewing evidence of the third-parties control environment.
  • When the relationship ends with a third-party supplier, the analyst must work with the business relationship owner to ensure that contract termination activities have been completed, including ensuring all Flutter data and assets have been deleted or returned.
  • Ensure the list of suppliers for the Flutter group is updated with accurate information including business relationship owners and the risk category.
  • Support the procurement process with the provision of relevant security contract clauses.
  • In collaboration with the Cyber Security Senior Manager – Technical Operational Compliance assess and track remediation plans for control deficiencies uncovered.
  • Work with the business relationship owner to ensure security is a top priority and build safe and healthy relationships with third party suppliers.
  • Perform regular governance activities to ensure third parties are being managed appropriately, e.g. no excessive access entitlements assigned.
  • Ensure any systems used to support the assurance program remain operational; including the monitoring of performance, ensure that the systems remain patched and any upgrades are managed.
  • Support the group business processes with accurate, relevant risk-based information about a third-party supplier's security posture.
  • Collate data for other risk reporting functions as required, e.g. Flutter KRI regular reporting, internal or external audit.
  • Maintain accurate records of all TPSA activity which can stand up to scrutiny by internal & external auditors as well as divisional stakeholders.
  • Build and maintain relationships with key stakeholders across the group.

 

 

Competencies:

 

  • Building Support - We establish close relationships with our stakeholders, underpinned by trust, integrity and respect. We are able to build awareness, understanding and positive momentum behind the Group technology strategy, often without being in a position to assert authority.
  • Objective - We are impartial and unbiased, ensuring equal treatment for all and that decisions taken are based on objective criteria.
  • Collaboration - We work effectively and in partnership with our stakeholders on shared goals that align towards the achievement of the Group technology strategy. We foster a collaborative environment and assume the role of leader when required.
  • Adaptable - We understand and appreciate different and opposing perspectives on an issue and are able to adapt our approach in order to achieve a successful outcome.
  • Strategic Thinking - We think about the big picture and use that perspective to support our Divisions to achieve competitive advantage through greater agility, faster time to market and a better customer experience.
  • Strategic Communication - We are proactive and considered in our approach to stakeholder communications. We actively listen, provide constructive feedback and help others to consider new perspectives.

 

 

Key Requirements/Experience:

  • A security information security governance, risk & compliance professional with an understanding of third-party cyber security risk.
  • Experience of dealing with supplier contracts, security controls, industry standard security processes and technologies, and personal data regulations (e.g. GDPR).
  • Experience performing risk assessments of the supply chain and articulating the risk to ensure processes and technologies are adapted to manage the risk to an acceptable level.
  • Understanding of the risk management lifecycle.
  • Inquisitive, disciplined and logical thinker who possesses strong investigative and analytical qualities that will translate into providing independent and objective analysis of cyber security Risk based on complex data sets.
  • Excellent verbal and written communications skills with a flexible attitude and the ability to meet deadlines under pressure.
  • Able to adapt communication style and to appreciate different and opposing perspectives across multiple divisions.
  • Results-oriented with the ability to influence outcomes with pragmatic recommendations and guidance.
  • A working knowledge of current IT Security standards such as ISO 27001, PCI, NIST, ISF, UKGC and Data Protection.
  • CRISC, CISA, CISSP, ISO 27001, COBIT, or ITIL certification is desirable.
  • Good level of spoken and written English (B2) (fluency in English is a must)

 

What you can expect:

  • 25 days of annual leave;
  • Sharesave scheme;
  • „Flexible Benefits” of your choice;
  • Private health insurance (includes dental insurance and health assessments);
  • Free parking;
  • Thousands of courses online through ‘Udemy'
  • Working from home options

 

Ways of working:

 

Flexible working is our way of working! We're a diverse workforce and therefore a 'one size fits all' approach isn't necessarily best. Whatever your personal needs may be, let's have a chat and see how we can accommodate them;

We thank all applicants for their interest, however only the suitable candidates will be contacted for an interview.

 

By submitting your application online, you agree that: your details will be used to progress your application for employment. If your application is successful, your details will be used to administer your personnel record.If your application is unsuccessful, we will retain your details for a period no longer than two years, in order to consider you for prospective Paddy Power Betfair role.


 
Loading...
Close map
Location
Cluj - Napoca
Blvd. 21 Decembrie 1989, no. 77, The Office building, Betfair Romania Development, Entrance A, 4th Floor, Cluj, Romania, 400124
Loading...

This is who we are

Betfair Romania Development is the development powerhouse behind the FTSE 100 company Flutter Entertainment, located in Cluj-Napoca, Romania, since 2009.

We’re the employer of choice for over 900 highly skilled people in a wide range of Programming Languages, Information Security & Governance, Product & Program Management and Sports Operations.

We support an agile environment where bold ideas meet online innovation as the teams deliver excellence worldwide through 7 main project streams: Gaming, Customer Management, Infrastructure, Security, Data Warehouse, Marketing, and Risk & Trading.

EXPERIENCE DIFFERENT

We’re an international family of the talented and the brave. If you’re tired of business as usual and want to create something new, you’ll love it here. Quick-thinking, adaptable and disruptive, we believe the future is what you make it. Think Betfair. Experience Different.

This is your Challenge

We are part of Flutter Entertainment, a global sports betting, gaming and entertainment provider for over thirteen million customers worldwide.

Established in 2019, Flutter merged with The Stars Group in 2020. As the parent company Flutter Entertainment now has a host of brands that sit under it including Paddy Power and Betfair (PPB), Sky Betting and Gaming, PokerStars, Full Tilt Timeform, oddchecker, Sporting Life, SportsBet, Bet Easy in Australia, FOX Bet, TVG and FanDuel in the US.

Across the globe, Flutter employs over 14,000 people across more than 40 offices and over 600 retail sites. We pride ourselves on being a responsible operator, committed to making a positive contribution to the communities we operate within.