Senior Information Security GRC Analyst
Description
ABOUT THE ROLE
The Information Security Department at LeoVegas forms part of the Legal & Compliance team and focuses its activities in 4 main areas of Information Security, being Governance, Risk, and Compliance (GRC), Security Operations (SECOPS), Incident response (CSIRT) and Security Awareness Training (SAT). The Senior Information Security GRC Analyst is a key individual in a small team focusing his/her activities in the areas of GRC and SAT working alongside Internal IT, Privacy, Risk, Tech Compliance, Legal, Platform and other teams. This individual is responsible for ensuring good governance and compliance with regulatory requirements, as well as the adoption of good security industry practice across LeoVegas Group. Amongst other qualities, the role calls for a good communicator and risk advisor aimed at deriving value through the identification and reduction of risks following best practice.
YOU WILL BE RESPONSIBLE FOR:
- Assisting with the development, maintenance and testing of business continuity and disaster recovery plans.
- Conducting security maturity assessments and other risk assessments and analyses.
- Managing and leading regulatory audits, participating in licensed market entry projects and assisting Tech Compliance and other teams as may be required.
- Assisting the Risk Management function to maintain the Group's Security Risk Register.
- Detecting gaps in security processes and security product portfolios, determining risks, and providing recommendations on how to remediate.
- Developing, maintaining and implementing the Group's Information Security policies, standards, and guidelines. Contributing to the development of appropriate security KPIs, objectives and strategies, towards improving the Group’s overall security posture and maturity.
- Providing guidance and leadership to the team and other stakeholders in the organisation.
- Managing and leading vendor onboarding due diligence and supplier monitoring processes.
OUR SUCCESSFUL CANDIDATE WILL HAVE:
Essential Skills:
- A degree in Computing, Cybersecurity or Information Systems (Masters preferred)
- Possession of industry-standard certifications such as CISSP, CISA, CISM or CRISC security certification
- Minimum of 3 years experience working in a cyber security position
- Expertise in conducting security maturity assessments, risk assessments and ISMS audits
- In-depth knowledge and experience in Information Security and Risk Management, including familiarity with industry standards such as ISO27001 and PCI-DSS
- Knowledge of modern Cloud platforms
Nice to have skills:
- Experience from an international environment, the iGaming industry or other tech related industries.
- Other industry standard certifications (ISO27001 LI / LA, GIAC)
WHO ARE WE?
At the core of LeoVegas Group, is Team Leo. Our culture is our foundation and is what enables us to innovate, build, and lead as we trailblaze our way through the igaming industry. We’re a team of over 1400 innovators, initiators, and groundbreakers working in a fast-paced and agile environment across 11 offices world-wide.
BENEFITS:
- Competitive salary based on your experience.
- Well-being allowance to support your active lifestyle.
- Work from any eligible country for up to 4 weeks per year.
- Private health insurance to keep our Team Leo healthy and happy.
- Personal development plan to help you reach your goals and ambitions.
- Employee assistance program to help and guide you in challenging moments.
- Roaring discounts all over Malta island for you to explore.
- Team activities and events to have some well deserved break and a bit of fun!
- If you are not based in Malta we will also provide you with a relocation package, which includes 3-week accommodation and flight!
JOIN US!
In our pride, we like to empower our teammates to find their roar and run with their wildest ideas. We don’t wait around for things to happen, we pounce and make it happen!
If you think you would be a good fit for the Leo pride - give us a roar!
**As our company working language is English we’d like to see your CV in English please**