Senior IT Security Assurance Specialist

9786 Canada, Toronto, Richmond Hill IT Permanent

Our team is growing, and we are actively looking to hire a Senior IT Security Assurance Specialist in our Toronto office!

Are you our next star player?

The Senior IT Security Assurance Specialist will be responsible for ensuring technology controls are sufficiently protecting business risk, through the application of the Technology Risk & Control framework, and overseeing security policies, standards, guidelines and procedures.

This role will evaluate the design and effectiveness of controls protecting Flutter International external and internal networks, systems, applications, user access controls, mobile device applications as well as data coding standards.

Why we need you

  • Participate in the development of new cyber security assessment and assurance practice services
  • Conduct assurance testing on User Access Controls, Systems, Networksand Applications utilizing  various security assessment tools and applications
  • Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology / security threats against Flutter International business;
  • Provide support to the group second line CyberSecurity Assurance Program;
  • Consult on Regulatory compliance requirements, reporting and questions;
  • Provide support and consultingto the group third line internal and external audit function;
  • Preparation and support for Audits bycomposing management responses and appropriate remediation activities;
  • Contribute to the definition, development, and oversight of a global security management strategy and framework;
  • Provide consultation and advice to partners on a broad range Technology Controls /Information Security programs / policies / standards and incidents for own specialized area;
  • Support the on-going Technology Risk reporting, monitoring key trends and defining metrics byregularly measuring control effectiveness;
  • Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise;
  • Define / develop / implement / manage standards, policies, procedures, and solutions that mitigate risk and maximize security, availability of service, efficiency and effectiveness;

Who we`re looking for?

  • Education or equivalent working experience: A bachelor’s degree in Computer science, Computer Engineering or equivalent;
  • 7+ years in Cyber Security consultative role roles, preferably within large/multi-national organization;
  • Professional certification: Security certification of one or more of the following: CISSP, CCSP, CISA, CRISC, CISM, CGEIT;
  • High degree of professionalism, work ethic, integrity and passion for Information Technology and Security;
  • Proven leadership qualities and ability to build strong working relationships;
  • Self-directed with ability to work independently, prioritize and execute autonomously;
  • A Team player with ability to communicate and collaborate effectively across the organization and operate effectively with multiple cross-departmental teams towards a shared goal;
  • Strong problem solving and critical thinking skills;


  • Practical and deep knowledge of security risk management methodologies and frameworks;
  • Extensive cybersecurity consulting experience for large IT projects;
  • Experience in conducting assurance testing on User Access Controls (Identity and Access Management),  Systems (Vulnerability Assessments) , Networks (Firewall policy reviews)and Applications (Static and Dynamic Application Testing);
  • Experience in assessing third party service providers;
  • Experience with enterprise security platforms and architectural design;
  • Familiarity with latest security vulnerabilities, advisories, incidents, penetration techniques, attack vectors, and countermeasures;
  • Strong understanding of cyber security concepts, protocols, industry best practices, strategies, frameworks and regulations such as International Standards Organization (ISO) 2700x, NIST Cybersecurity Framework, Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley (SOX).
  • Understanding of the Software Development Life Cycle and Development Operations (DevOps) principals.
  • Experience working in Agile Framework a definite asset.
  • Demonstrated strong technical writing and communication skills.

What’s in it for you?

Our experience-based salaries are competitive. Plus, there’s a discretionary annual performance bonus.

Your package will include:

  • health and dental insurance for you and your dependents
  • the option to join our company pension scheme
  • in-house training and development to develop your skills, progressing your career
  • Paid for lunches, as well as fresh fruit, snacks and drinks around the office
  • regular on-site yoga sessions

What happens next?

If you’re what we’re looking for, next up will be a short Zoom interview. And if that goes well, we’ll meet you for a 1-hour technical Zoom interview.

The Group

PokerStars is part of Flutter Entertainment Plc, a global sports betting, gaming and entertainment provider headquartered in Dublin and part of the FTSE 100 index of the London Stock Exchange. Flutter brings together exceptional brands, products and businesses and a diverse global presence in a safe, responsible and ultimately sustainable way.

We are an equal opportunity employer that values diversity. We do not discriminate on any protected characteristic as defined by applicable law.

We will look to provide reasonable accommodation for applicants with disabilities to participate in the job application or interview process. If you need assistance, please contact: 

Please note we cannot accept general applications; this inbox is just for providing support to those who need it.


Our FAQs

We hope that we’ve answered as many of your questions about working at the PokerStars as possible, but if you still have some questions, why not try visiting our FAQ page?

Find your answers here