Senior Security Governance Specialist

This role is a key component of the security governance and assurance function within the InfoSec team.

The role ensures security controls are defined and implemented by key partners across Betsson Group and includes maintaining a standard security control framework (ISO27001) captured in Betsson's portfolio of security policies, procedures, and standards. Ultimately, this advisory role, carries the responsibility for all aspects of security governance, risk and compliance with a particular focus on security-related compliance and regulatory matters.

• Develop methods to monitor and measure security assurance and governance efforts.
• Maintain and uphold system ISO27001 and PCI-DSS assurance accreditation materials.
• Conduct technical security assessments of application, system or network, documenting the security posture and conformance to Betsson's security control framework.
• Partake in security configuration reviews to ensure applications, networks and systems are compliant with policies and standards.
• Ensure policies, procedures, and standards are current whilst also developed, reviewed and updated periodically.
• Interface with external auditors in preparation for novel gaming license applications, and during ISMS audits by providing supporting evidence and coordinating meetings as necessary.
• Interface with various teams to manage information security related audits, findings and remediation actions.
• Maintain, follow-up and communicate the Security Risk Register together with internal stakeholders.
• Manage and maintain the Corrective Action Plan.
• Coordinate and participate in Business Continuity Table-top exercises.
• Participate in security due diligence assessments for new vendors or service providers.
• Participate in the Compliance Forum.
• Participate in the execution of a Security Awareness Programme.
• Act as a central point of reference for all matters concerning Security Governance, Risk and Compliance and act as an ambassador for good security governance.

Additional responsibilities pertaining to security governance may be allocated at the discretion of the Security Governance Manager, in alignment with the evolving requirements of the organization

• Employees – Coordinate BCM efforts, inform about policy changes, conduct internal audits, ISO27001 controls.
• Operational Management – Present InfoSec Governance matters/updates as needed. § Product Development – Ensure controls are in place to adhere to requirements & ISMS.
• Human Resources (HR) – To manage employee communication, safety, and readiness in case of a disruption.
• Legal & Compliance – Meeting regulatory, and jurisdiction security requirements.
• Card Data Developers – The communication and adherence to PCI-DSS Requirements.
• External Auditors – Organisation of audits, liaising and evidence exchange.

• Knowledge of IT security within an infrastructure environment ·
• Knowledge of data privacy laws and regulations and the associated security controls required to meet compliance ·
• Proven knowledge of ISO27001 standard, NIST security standards, PCI-DSS requirements ·
• A first degree in a Computer Science related subject ·
• Industry standard certifications such as CISM/CISA are an asset
• 3/4+ years' progressive experience in Security, Governance, Risk, Compliance or related professional area ·
• 3/4+ years' experience working with enterprise security risk management frameworks and processes (e.g., ISO2700X, NIST, Cloud Security Alliance) ·
• 3/4+ years' experience in facilitating and conducting security assessments related to PCI-DSS, ISO27001, NIST and Cybersecurity Framework audits
•  Strong verbal and written communication skills with the ability to articulate and interpret legal obligations and security requirements
• Knowledge of business environments and service requirements, particularly in sectors like gaming or hospitality. 
• Experience working with cross functional, sourced, or matrixed teams 
• Proven ability to effectively prioritize and execute tasks in a high-pace environment 
• Familiarity with GRC systems and processes, strong organizational skills, and problem resolution abilities. 
• Experience in business systems and process planning 
• Project management skillset and a can-do attitude

Much like a rollercoaster, life at Betsson Group is fast-paced, full of twists and turns, and always exciting. With more than 2,800 colleagues representing over 75 nationalities across a global network of offices - including 1,500 at our operational headquarters in Malta - every day brings new challenges and opportunities to grow. It may not be for the faint-hearted, but if you thrive on innovation, enjoy pushing boundaries and want to be part of a diverse, international team, then you'll fit right in at Betsson.

By submitting your application, you understand that your personal data will be processed as set out in our