If you are an active candidate for one of our roles and are having issues contacting us, please email talent@flutterint.com and our TA team will pick up with you directly. We apologise for any inconvenience and thank you for your patience and support.


IT Security Assurance Analyst

11837 Bulgaria, Sofia IT Permanent

The role:

We are looking for an IT Security Assurance Specialist to join our growing Information Security team in Sofia, Bulgaria.

As part of the role, you will directly influence our international division which includes the PokerStars Poker, Casino, and Sports Betting brands. 

Are you our next star player?

The IT Security Assurance Specialist will play an important role in managing and improving of our ISMS, related policies, standard and processes. You will be part of a team that strives to protect our customers while keeping their great experience at the highest levels set by our brands. The team interacts with all company divisions, keeping close watch on their projects and making vital contributions to their efforts to address player needs in creating the best possible experience.

This role follows a hybrid approach to working, allowing you to combine working from home with working in our modern offices. These discussions are between you and your manager to find the best pattern for you both! We will kit you out to work from home but know that working as a team is what makes us great and spending quality time together is essential for keeping us mission aligned.

Why we need you

The Information Security Team within International is on a journey to increase its capability and maturity. To do this, we need to evolve how the team works whilst also initiating and tracking several key programmes of work. These programmes include the expansion of an existing Information Security Management System (ISMS) across all brands and locations; the introduction of new DLP and Identity and Access Management capabilities and a Secure SDLC project. The Information Security  function exists to ensure that the products we build for our players are secure and to protect all the sensitive information assets that we hold. We also provide assurance and oversight of technology-related Risk across our Technology function. Working in a highly-regulated environment, the Governance, Risk and Compliance function within Information Security plays a vital part in assuring Information Security and Technology controls are documented, well-managed and are operating in compliance with both internal and external requirements.

Reporting directly to the Senior Manager, Information Security Management System, the IT Security Assurance Analyst will:

  • Be part of the team responsible for the development and management of the Flutter International Information Security Management System (ISMS) Ensure the continued certification of the ISMS to ISO 27001:2013, the transition to ISO 27001:2022 and the continuous improvement of the ISMS and related controls
  • Assure the implementation and delivery of the ISMS framework and associated tooling and processes
  • Participate in the creation of, and deliver actions against, a programme of continual improvement and efficiencies in this space
  • Maintain and review all ISMS policies, standards and other core ISMS framework documents such as the Statement of Applicability (SOA), for all in-scope departments and ensure they are all regularly updated
  • Creating, manage and maintain an evidence library used to demonstrate our compliance against the ISMS controls is part of this role
  • Manage the collection and delivering of a set of continuously improved ISMS metrics measuring the effectiveness and health of the ISMS. Using these metrics, you will support the creation and delivery of regular reports on the performance of the ISMS
  • Collaborate across Flutter International and Flutter Group stakeholders at all levels on a regular basis
  • Play a BIG part in our growing Information Security Governance, Risk and Compliance team
  • Have a strong focus on developing and maintain the ISMS but also experience in Exception Management and Audit activities.

Who we’re looking for:

Your experience:

  • 4+ years in Cyber Security Global Risk and compliance roles preferably within large/multi-national organization
  • Proven experience of maintaining an ISO 27001-certified ISMS within a global and complex technical environment
  • Proven experience of working in a technical/information security control, risk management and audit-related role
  • Proven experience of working in a highly regulated industry
  • A good understanding of all aspects of Information Technology and how this works within a large global organisation
  • Working with internal and external stakeholders at all levels to achieve results, you will need excellent relationship building skills
  • You have familiarity of managing and driving ISMS-related activities, risk management and assurance/compliance reviews, audits and all aspects of Technology and IT security compliance
  • You will have experience of working within an Information Security Management System
  • Communicating information technology and information security control and risk management processes to the business, technology departments and partners, and supporting provision of security assurance at all levels of the enterprise
  • Helping develop and maintain an ISMS and appropriate Risk Management and Assurance processes

Your skills:

  • Familiarity with IT and Information Security standards (NIST, ISO 27001, CIS benchmarks etc)
  • Knowledge of security principles, technologies, and frameworks
  • Knowledge of the role of Security within the Software Development Life Cycle
  • A team player who is willing to share knowledge and to mentor colleagues, who is approachable and willing to assist at any time
  • Excellent time management skills
  • Self-motivated and driven to continuously improve areas of responsibility
  • Excellent report building skills with various office products (Excel, Power Point, Visio, etc)
  • Knowledge of vulnerability scanning tools
  • Document and evidence management within SharePoint/Confluence will be considered an advantage
  • A formal qualification/certification such as ISO 27001:2013 lead implementer or lead auditor, CRISC, CISM, CISA, CISSP are a strong plus
  • Experience working within the online gambling industry and experience of gambling regulatory requirements will be considered an advantage
  • Knowledge of ITIL and Agile methodology will be considered an advantage
  • Knowledge how to use and maintain GRC tools will be considered an advantage
  • You must have excellent stakeholder management, relationship building and persuading and influencing skills


  • A problem solver, helping craft usable and repeatable processes and solutions
  • A team player and happy to take ownership and responsibility
  • You have a natural ability when working across teams and functions to persuade and influence others
  • You have a desire to deliver results
  • A strong communicator who can build successful stakeholder relationships with business owners and product teams, project managers, IT teams, Legal and Compliance and Risk functions
  • You enjoy working in a dynamic, collaborative, transparent, non-hierarchal culture
  • You thrive in a fast-paced, outcome driven organisation

What’s in it for you? 

Our experience-based salaries are competitive, and we provide advice and dedicated assistance to those moving to Sofia.

Your package will include:

  • Health and Dental Insurance for you, your partner, and your children (if you all live at the same address)
  • A personal interest allowance to let you learn something new or pursue a hobby
  • A great yearly bonus based on performance
  • Looking to extend your family? You will receive a cash gift of 1,000 BGN for your new addition whilst working for us
  • Personal e-learning courses and training supporting the development in your career
  • 25 days annual leave
  • A sports’ card membership valid across the country
  • In-house yoga and gymnastic classes, as well as dances
  • Discounts as a compliment form us among different services
  • Free snacks, fruits, and drinks in the office

About the Group

PokerStars is part of Flutter Entertainment Plc, a global sports betting, gaming, and entertainment provider headquartered in Dublin and part of the FTSE 100 index of the London Stock Exchange. Flutter brings together exceptional brands, products and businesses and a diverse global presence in a safe, responsible and ultimately sustainable way.

We are an equal opportunity employer that values diversity. We do not discriminate on any protected characteristic as defined by applicable law.

We will look to provide reasonable accommodation for applicants with disabilities to participate in the job application or interview process. If you need assistance, please contact: talent@starsgroup.com Please note we cannot accept general applications; this inbox is just for providing support to those who need it.

Want a seat at the table? Apply now!

We will aim to respond to you as soon as possible. If you’re the right fit for our IT Security Assurance Analyst role, you will be invited to a phone/zoom interview.

Find your passion with PokerStars.

Our FAQs

We hope that we’ve answered as many of your questions about working at the PokerStars as possible, but if you still have some questions, why not try visiting our FAQ page?

Find your answers here