Information Security Specialist
Publicerad: 2020-11-25 | Sista ansökningsdag: 2020-12-25 | Snittlön för Säkerhetsanalytiker, IT ~51 400 kr51400SEK | Anställningsform: HeltidFULL_TIME
Over the last 20 years, Kindred Group has brought together 11 of Europe’s most successful online gambling brands – forming one of the largest online gambling companies in the world.
What started as Unibet is today Kindred Group, a diverse team of 1,400 people representing 50 nationalities located across offices in more than 10 locations. We are listed on Nasdaq Stockholm and serve over 20 million customers worldwide. As we look forward, our heritage of ‘offering players a better way to gamble’ remains crucial. Innovation in technology, marketing and data offers huge opportunities to get even closer to the customer, and keep us as pioneers of online gambling. Even as the online gambling industry changes, our group works constantly to keep up with new market dynamics and regulations – ensuring a sustainable and profitable business today, tomorrow and beyond.
Solid understanding of the evolving security and privacy controls environment, regulatory landscape and risk management techniques, principles and practices
Experience performing risk and compliance assessments and in-depth knowledge of industry standards and regulatory requirements (e.g., NIST, ISO 2700X, PCIDSS, GDPR)
Desirable: Knowledge of regulatory requirements for local markets within the gaming industry (MGA, UKGC, Spillemyndigheden etc.)
Experience and firm understanding of the development and implementation of information security policies, standards and related procedures
Ability to provide risk-based recommendations based upon the size and complexity of Kindred environment
Ability to educate Kindred associates of the risk implications associated with a particular business decision, and communicate the likelihood and impact of those decisions so Kindred Group can fully quantify those risks
Ability to translate complex technical information across all levels of the organization
Desirable: Knowledge of securing cloud based environments
Desirable: Experience of working within a web based company. An understanding of the assets involved within a web based company and a working knowledge of classifying and protecting such assets
Strong facilitation skills and a clear ability to build strong relationships with business stakeholders at all levels, including executive managers and vendors
Demonstrated ability to work effectively with a team, delivering high performance and stakeholder buy-in across all business units.
Education / Qualifications/ Professional Certificates
Desirable: Relevant university degree
Desirable: One or more of the following qualifications and professional certifications: CISSP, CISM, ISO 27000 LA, CIA, CRISC, CGEIT
The Group Security team is embarking on a mission of rapid maturity and require a highly motivated and talented information security specialist to help guide us on this journey.
This role will be within the Governance, Risk and Compliance (GRC) line and is for an information security specialist with an emphasis on compliance and risk management. As the role is within the GRC line, you will be required to assist the GRC function with its broad range of security responsibilities, however the emphasis on risk and compliance will mean you will lead the security compliance programme. As an information security specialist (compliance), you will be/become conversant with the many regulatory requirements for Kindred Group, engage with internal stakeholders ensure that they meet regulatory compliance and control risks associate with their environments and engage with external auditors/regulators to present our compliance evidence.
Lead both internal and external audits to ensure compliance with all regulatory requirements.
Manage compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures.
Assist Legal and Technology organisations with all required compliance/security-related documentation. Ensure documentation is standardised, updated and organised.
Participate in the development and implementation of new business initiatives involving compliance to ensure functionality required to support required compliance.
Provide guidance to business functions on compliance/security-related matters.
Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings.
Initiate improvement activity to reduce risk, ensure compliance, lower cost, and improve quality within IT processes.
Conduct/support periodic risk assessments and develop appropriate mitigation plans in support of deliverables.
Refine and revise existing policies and procedures to support internal and external compliance programs. Author new policies and procedures and ensure adequate training for adherence by employees.
Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change.
Deliver findings, recommendations and remediation steps for all activities, in a clear, concise and audience-specific format.
Perform periodic security risk assessments and advise business stakeholders on best practices to reduce risk and overall breach profile.
Information Security specific:
Conduct information security assessments using industry accepted best practices and approaches to support enterprise business goals and objectives
Follow standard methodologies and develop new and innovative processes for delivering information security solutions
Focus on results and ability to work within tight timelines
Demonstrated ability to learn and apply critical thinking to a variety of situations
Contribute to the security awareness programme and develop a security aware culture.
Maintenance and development of the Kindred Group Information Security Management System (ISMS)
Build and maintain a network within the organisation through travel to other Kindred Group offices globally
Lediga jobb i Stockholm