Senior Access Governance Analyst - Flutter UKI, Hybrid

Description

About Flutter UKI:

Flutter UK & Ireland are the UKI region of Flutter Entertainment. They unite a dozen brands including powerhouses Paddy Power, Betfair, Tombola and Sky Betting & Gaming, bringing together hundreds of teams and thousands of colleagues, who create trusted entertainment for millions of customers every week.

The role:

The Senior Access Governance Analyst sits within the Flutter UK & Ireland security team, reporting to the Senior Identity and Access Governance Manager.

The Senior Access Governance Analyst will play a critical role in managing and enhancing our Identity and Access Management (IAM) programs, ensuring the security, efficiency, and compliance of our access control processes. Is responsible to ensure Identity and Access Security policies compliance for Flutter UK & Ireland. Engages with the business to facilitate application onboarding to existing IAM tools and ensures Identity& Access Security controls are incorporated into business processes.

The ideal candidate will have a deep understanding of IAM technologies, industry standards, and governance frameworks, combined with hands-on experience in deploying and managing identity management solutions across enterprise environments.

The role will involve a mix of analysis of business systems in the context of Identity and Access security, assessment of controls against Identity and Access Governance policies and driving improvements with business stakeholders.

Key Accountabilities & Responsibilities:

• Lead the design, implementation, and continuous improvement of IAM processes and solutions to ensure secure access control to all systems and applications within the organization.
• Help internal stakeholders understand the risk appetite for Identity & Access Governance and manage their products and data accordingly.
• Consult in the design, implementation, and operation of business processes and services where Data is sensitive and/or high risk with guidance on Data & Access Security controls.
• Engage with business stakeholders to ensure the timely collection of the technical information required to onboard relevant applications into Flutter Uk & Ireland Identity and Access Management tool—SailPoint.
• Ensure Flutter UK & Ireland sensitive data remains protected in line with GDPR, Policy and other compliance requirements across all Flutter UK & Ireland systems.
• Recommend appropriate security controls and risk mitigation strategies for the entire data life cycle.
• Work with the system owners to ensure their applications are onboarded to the access review process as defined by the Security Policies.
• Manage access review campaigns within SailPoint ensuring timely completion.
• Ensure user lifecycle events governance within the Identity and Access Management tool: joiner, mover, and leaver.
• Drive continuous improvements to existing access governance processes.
• Develop, implement, and monitor governance policies and procedures to ensure compliance with internal security standards, as well as regulatory requirements.
• Identify and mitigate security risks associated with user access, ensuring that the principle of least privilege is applied consistently across all systems and platforms.
• Provide guidance and training to internal stakeholders, including IT, security, and business units, on IAM best practices, policies, and new technologies.

Skills, Capabilities & Experience Required:

• Ability to engage and collaborate with various stakeholders within the business.
• Excellent verbal and written communications skills with the ability to adapt style to influence technical and business stake holders.
• Good understanding of Data Loss Prevention and Identity & Access governance processes and tools.
• Good stakeholder management skills to drive improvement of data & access security controls.
• One to two years’ experience in a similar role.
• A proactive team approach, who takes initiative to resolve problems.
• Good understanding of AWS cloud services with an accent on IAM, EC2, RDS and S3 services.
• Delivery driven with a sensible attitude to risk.
• Disciplined and logical thinker, with the ability to draw conclusions from large and complex data sets
• Previous experience of SOX controls implementation or good understanding of ITGC controls.
• High level understanding of various IT processes and technologies (cloud, virtualization, databases, networking, software development, risk management).
• Proficient level of spoken and written English (B2, C1) (fluency in English is necessary).

Nice to have:

• Understanding of security processes and controls.
• Knowledge and ease of working with security policies and standards.
• Hands-on experience in either IT or security is desirable.
• Passionate about technology and displays energy and enthusiasm for the Data & Access Security discipline.
• Knowledge of JIRA and Confluence.
• General understanding of information security best practices.
• Good verbal and written communication skills with the ability to present technical concepts to business stakeholders.

Disclaimer:

We are an inclusive employer. By embracing diverse experiences and perspectives, we create a lasting, positive impact for our employees, customers, and the communities we’re part of. You don't have to meet all the requirements listed to apply for this role. If you need any adjustments to make this role work for you, let us know, and we’ll see how we can accommodate them.

We thank all applicants for their interest; however, only the candidates who best meet the job requirements will be contacted for an interview.

By submitting your application online, you agree that your details will be used to progress your application for employment. If your application is successful, your details will be used to administer your personnel record. If your application is unsuccessful, we will retain your details for a period no longer than three years, to consider you for prospective roles within the company