ABOUT FANDUEL GROUP

There are more ways to win, here at FanDuel. We're willing to bet on it.

THE ROSTER…

At FanDuel Group, we give fans a new and innovative way to interact with their favorite games, sports and teams. We're dedicated to building a winning team and we pride ourselves on being able to make every moment mean more, especially when it comes to your career. So, what does "winning" look like at FanDuel? It's recognition for your hard-earned results, a culture that brings out your best work—and a roster full of talented coworkers. Make no mistake, we are here to win, but we believe in winning right. That means we'll never compromise when it comes to looking out for our teammates. From creatives professionals to cutting edge technology innovators, FanDuel offers a wide range of career opportunities, best in class benefits, and the tools to explore and grow into your best selves. At FanDuel, our principle of "We Are One Team" runs through all our offices across the globe, and you can expect to be a part of an exciting company with many opportunities to grow and be successful.

WHO WE ARE…

FanDuel Group is an innovative sports-tech entertainment company that is changing the way consumers engage with their favorite sports, teams, and leagues. The premier gaming destination in the United States, FanDuel Group consists of a portfolio of leading brands across gaming, sports betting, daily fantasy sports, advance-deposit wagering, and TV/media.

FanDuel Group has a presence across all 50 states with approximately 17 million customers and nearly 30 retail locations. The company is based in New York with offices in California, New Jersey, Florida, Oregon, Georgia, Portugal, Romania and Scotland.

Its network FanDuel TV and FanDuel+ are broadly distributed on linear cable television and through its relationships with leading direct-to-consumer OTT platforms.

FanDuel Group is a subsidiary of Flutter Entertainment plc, the world's largest sports betting and gaming operator with a portfolio of globally recognized brands and a constituent of the FTSE 100 index of the London Stock Exchange.

THE POSITION:
Our roster has an opening with your name on it

The Senior Director of Information Security Assurances and Controls takes on the leadership role and teams focus on areas in Compliance, Security Assurances & Control Monitoring, Policies & Procedures, Governance, Business Continuity & Disaster Recovery, and Security Risk Management. You will be challenged to think outside of the box to drive towards sustainable operations and technology to streamline your functional areas. The right individual will be eager to dive into a diverse set of challenges and domains to assess the overall risk landscape for FanDuel and provide a clear and cohesive strategy to work with our stakeholders to deliver the best-in-class trusted platform for our customers that create opportunities to win.

THE GAME PLAN:
Everyone on our team has a part to play

• Responsible for the leadership and strategy of the Security Assurances, Controls, and Risk Program for a technology platform in a regulated and dynamic environment
• Manage and grow a Security Assurances, Controls, and Risk organization in line with organization and business needs Lead cross-functional teams to develop and improve policies and procedures, and design of information security frameworks that are relevant to the risk appetite and exposure for FanDuel and our parent company Flutter.
• Interpret industry requirements and regulations to determine, develop, and maintain appropriate technology security controls, policies, and procedures that drive better practices and efficiency while reducing risk

• Collaborate in process improvement and leveraging technology systems for continuous monitoring and control efficacy testing that removes time bound audit constraints
• Scale and maintain an efficient Information Security Risk Assessments program for 1st and 3rd party systems that moves beyond compliance check box work streams to unlock value to our stakeholders
• Become a trusted security advisor through bi-directional partnership across a wide range of stakeholders from Legal, Internal Controls, Internal Audit to Product and Engineering by delivering timely requirements, feedback, and testing
• Build and refine processes to provide clarity and transparency for reporting and metrics across security controls and supported regulatory scope through audit and risk committees
• Provide guidance and support in delivering business impact and ROI through Business Continuity and Disaster Recovery processes
• Manage a robust control environment spanning across multiple product areas, stakeholders, regulations, and audit (Internal & External) by create mechanisms to track and provide assurances of control effectiveness

THE STATS:
What we're looking for in our next teammate

• Empathetic leader who has experience growing individuals, teams, and programs through clear support, guidance, and mentorship
• Prior experience of working in Security and compliance group at a publicly traded technology or SaaS / Cloud

• Experience in multiple security domains including product security engineering, security operations, infrastructure security etc.
• Proficient communicator who can explain technical risks and challenges in a succinct manner to a broad audience of regulators, leadership, principal engineers, or product managers.
• Ability to drive through ambiguity and define and execute on project deliverables across multiple stakeholders
• Significant experience supporting and leading teams for security risk assessments and audits against security standards, governance frameworks, and regulatory requirements (e.g. NIST, SOX, GLI, PCI)
• Comprehensive understanding of fundamental cloud architecture and systems, security technologies and tooling, and secure software development lifecycle practices with practical application of control assurances

• Understanding of privacy and data protection regulations, such as CCPA and GDPR and the supporting operations around data life cycle management
• Ability to provide data driven recommendations and well-constructed analyses to drive towards decisions and execution
• Understanding of system vulnerabilities, attack surfaces, attack vectors and tactics used in modern cyber attacks

REQUIRED QUALIFICATIONS

• Industry certifications (CISA & CISSP)
• Internal experience leading a company through SOX readiness and public listing
• Internal experience leading a program through a successful SOC2 attestation or equivalent framework

PLAYER CONTRACT
We treat our team right

From our many opportunities for professional development to our generous insurance and paid leave policies, we're committed to making sure our employees get as much out of FanDuel as we ask them to give. Competitive compensation is just the beginning. As part of our team, you can expect:

• An exciting and fun environment committed to driving real growth
• Opportunities to build really cool products that fans love
• Mentorship and professional development resources to help you refine your game
• Flexible vacation allowance to let you refuel
• Hall of Fame benefit programs and platforms

FanDuel Group is an equal opportunities employer and we believe, as one of our principal states, "We Are One Team!" We are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, creed, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, and Veteran status. We believe FanDuel is strongest and best able to compete if all employees feel valued, respected, and included. We want our team to include diverse individuals because diversity of thought, diversity of perspectives, and diversity of experiences leads to better performance. Having a diverse and inclusive workforce is a core value that we believe makes our company stronger and more competitive as One Team!

The applicable salary range for this position is $212,000 to $291,500 which is dependent on a variety of factors including relevant experience, location, business needs and market demand. This role may also be eligible for short-term or long-term incentive compensation.

#LI-Hybrid