Skip to main content
Flutter Dublin 161121 C

Group Third Party Risk Manager

  • Leeds, United Kingdom
  • Full time 40 hours
  • Permanent
  • Flutter Group

Third Party Risk Manager
We are considering applicants in –Leeds
Style of work – Hybrid 2 days per week

Who are we?     
We’re a FTSE 40 global leader in sports betting and gaming with annual revenues of over £4bn. Its strong and diverse portfolio of market-leading brands and best-in-class products provides its 13 million customers excitement and entertainment in a safe and responsible way. Brands include Paddy Power, Sky Betting and Gaming, Betfair, Sportsbet, FanDuel, and PokerStars.
Our vision for global technology is to achieve competitive advantage for our divisions by collaborating on areas of technology that benefit from our global scale, while maintaining divisional autonomy in other areas.

Flutter relies on third-party suppliers to help facilitate the delivery of products and services to our customers; however, these relationships come with risk.  This team ensure that we maintain a safe and healthy relationship with suppliers via third-party risk management processes.

Your new role will involve

  • You will be a leader in the cyber, risk, and internal controls space who will drive the rollout of the Flutter Cyber Security Third Party Supplier Assurance program across the group.

  • Responsible for defining and embedding the operating model of the Cyber Security Third Party Risk program which will include processes for new supplier security risk assessment, existing supplier security risk assessment, and termination activities as well as defining appropriate regular governance checks. Appropriate tooling and automation should be chosen to drive accuracy and efficiencies across the TPR lifecycle.

  • An established expert in cyber security risk posed by third parties working across the group, the senior manager will ensure the risks relevant to the Flutter group are identified in line with the overall Flutter risk appetite.

  • The TPR Manager will work with the divisions to define the approach to the management of third-party risk using established risk management processes both at group and divisional level.

  • In collaboration with the Senior Managers within TPR – Technical Operational Compliance ensure that technical assessment processes and remediation tracking for control deficiencies uncovered are driving continuous improvements.

  • Work with the procurement and legal teams to ensure the security contract clauses reflect the group requirements for security.

  • Define the high-level requirements for regular governance activities to ensure third parties are being managed appropriately, e.g. access management.

  • Work with the business relationship owner to ensure security is a top priority and to build safe and healthy relationships with third-party suppliers.

  • Ensure data required for other risk reporting functions, e.g. Flutter KRI regular reporting, internal or external audit is accurately delivered on time.

  • Design relevant metrics and related key performance indicators (KPIs) for the Cyber Security Third Party Risk program which will demonstrate the effectiveness of the program.

  • Proactively manages the development of the team members to ensure a highly productive, dynamic, and proficient team.

  • Foster a team culture of integrity and respect with a global outlook.

  • Participate in governance and oversight forums/committees as required.

  • Build and maintain relationships with key stakeholders across the group.

Key Skills

  • An experienced information security governance, risk & compliance professional with a deep understanding of third-party cyber security risk.

  • Experience of supplier contract negotiations, security controls, industry standard security processes (ISO27001) and technologies, and personal data regulations (e.g. GDPR). 

  • Experience performing risk assessments of the supply chain and articulating the risk to ensure processes and technologies are adapted to manage the risk to an acceptable level.  

  • Results-oriented with the ability to influence outcomes with pragmatic recommendations and guidance.

  • A working knowledge of current IT Security standards such as ISO 27001, PCI, NIST, ISF, UKGC and Data Protection.  

  • CRISC, CISA, CISSP, ISO 27001, COBIT, or ITIL certification is desirable.

  • Inquisitive, disciplined, and logical thinker who possesses strong investigative and analytical qualities that will translate into providing independent and objective analysis of cyber security Risk based on complex data sets.

  • Excellent verbal and written communications skills with a flexible attitude and the ability to meet deadlines under pressure.

  • Able to adapt communication style and to appreciate different and opposing perspectives across multiple divisions.

  • Ability to multi-task, strong relationship building skills.


Benefits

  • Uncapped Holiday Allowance (you read that right!)

  • Enhanced Pension Scheme (please ask for your location and we will share)

  • Bonus Scheme

  • Life Assurance

  • Income protection

  • Private healthcare (with option to add dependent)

  • £/₤1,000 annual self-development learning fund & Access to thousands of Udemy courses

  • Invest via the Company Share save Scheme, Discount vouchers, Volunteering days.

  • ‘Take 20’ work from another location for up to 20 days

  • Enhanced Parental Leave Policy – Maternity up to 52weeks, including 6months 100% pay. Paternity/Adoption leave and paid time off for appointments.

  • Reward portal eg. electric car scheme, gym membership discounts etc.

  • Wellbeing scheme

  • On-site Gym, Canteen and Gaming area plus many more!

At Flutter we’re working to be an inclusive employer, and we encourage people from all backgrounds, ways of thinking and working to apply. Everyone brings different perspectives and experiences; you don't have to meet all the requirements listed to apply for this role.

If you need any adjustments to make this role work for you let us know, and we’ll see how we can accommodate them.

Our Work Experience is the combination of everything that's unique about us: our culture, our core values, our company meetings, our commitment to sustainability, our recognition programs, but most importantly, it's our people. Our employees are self-disciplined, hardworking, curious, trustworthy, humble, and truthful. They make choices according to what is best for the team, they live for opportunities to collaborate and make a difference, and they make us one of the Top Workplaces in the area. 

 

Join our talent community

Learn about upcoming career opportunities and events at Flutter Group

Join now
Flutter Dublin 161121