The (role) is a member of the Paddy Power Betfair Data Security team, reporting to the Data Security Team Lead.
The role has global responsibility for helping to operate and improve the Data Security Services which are split into the following areas Data Loss Prevention and Operational Customer Security. This role encompasses working with a team of data security specialists that oversee and ensure the confidentiality, integrity and availability of Paddy Power Betfair data.
- Respond promptly and effectively to Data Loss Prevention (DLP) events ensuring rapid assessment to determine whether the data is at risk or not
- Provide guidance and training on data handling in response to data loss events
Work closely with the DLP managed service to ensure the DLP service is keeping pace with business requirements
- Feedback recurring data handling breaches to team lead and/or relevant internal teams
Perform routine maintenance on Data Security tools as required (e.g. including upgrades and some patching)
- Support the business by servicing tickets relating to access approvals
- Work with the wider security team to ensure data security controls are implemented and maintained on the Platform as a Service (PaaS) solution and legacy platforms
- Participating in projects internal and external to the security team to assess them from a data security perspective and define appropriate requirements
- Collaborate with infrastructure security to ensure the Security Incident and Event Management (SIEM) platform is receiving and correlating pertinent information
- Continually seek solutions to identify, manage and eradicate data security issues within Paddy Power Betfair
- Build and maintain strong and positive relationship with key stakeholders across the organisation
- Support compliance and regulatory initiatives and requirements such as PCI DSS, UKGC, and other regional compliance
- Work with the technology risk function to ensure identified threats and risks are captured and recorded in line with our risk management policy, procedures and standards
- Consolidate and report relevant metrics and related key performance indicators (KPIs) and key risk indicators (KRIs) as and when required
- Experience working within an Information Security team and a technical understanding of tools relating to DLP
- Understanding of data security controls required for Online and Corporate environments
- Ability to follow a defined methodology or process and to collaborate with other security teams and teams outside of the security function
- Disciplined and logical thinker who is able to describe a problem, to utilise existing reporting mechanisms to extract data and to do basic processing of data in order to present potential solutions
- Delivery driven with a sensible attitude to risk
- Awareness of ISO 27001, PCI and other regulatory compliance standards such as UKGC and Data Protection
- Excellent verbal and writing communications skills with the ability to modify style to influence technical and business stake holders
- Commercial acumen: Knows how the business works and how the organisation makes money and stays competitive. Encourages diverse thinking to promote and nurture innovation.
- Articulates credible pictures and visions of possibilities that will create sustainable value.
- Ability to drive change: Talks about the future possibilities in a positive way
- Creates milestones and symbols to rally support behind the vision
- Articulates the vision in a way everyone can relate to. Creates organisation wide energy and optimism for the future
Business engagement and relationship management:
- Works cooperatively and partners with other across the organisation to get work done. Uses knowledge of business drivers to guide actions
40 Hours per week
Location: London or Dublin