Senior IT Security Assurance Specialist

9814 Bulgaria, Sofia IT Permanent

Our team is growing, and we are actively looking to hire a Senior IT Security Assurance Specialist in our Sofia office or working remotely within Bulgaria!

The Senior IT Security Assurance Specialist will be responsible for ensuring technology controls are sufficiently protecting business risk, through the application of the Technology Risk & Control framework, and overseeing security policies, standards, guidelines and procedures.

This role will evaluate the design and effectiveness of controls protecting Flutter International external and internal networks, systems, applications, user access controls, mobile device applications as well as data coding standards.


  • Participate in the development of new cyber security assessment and assurance practice services
  • Conduct assurance testing on User Access Controls, Systems, Networks and Applications utilizing  various security assessment tools and applications
  • Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology / security threats against Flutter International business
  • Provide support to the group second line Cyber Security Assurance Program
  • Consult on Regulatory compliance requirements, reporting and questions
  • Provide support and consulting to the group third line internal and external audit function
  • Preparation and support for Audits by composing management responses and appropriate remediation activities
  • Contribute to the definition, development, and oversight of a global security management strategy and framework
  • Provide consultation and advice to partners on a broad range Technology Controls / Information Security programs / policies / standards and incidents for own specialized area
  • Support the on-going Technology Risk reporting, monitoring key trends and defining metrics by regularly measuring control effectiveness
  • Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise
  • Define / develop / implement / manage standards, policies, procedures, and solutions that mitigate risk and maximize security, availability of service, efficiency and effectiveness


  • Education or equivalent working experience: A bachelor’s degree in Computer science, Computer Engineering or equivalent;
  • 7+ years in Cyber Security consultative role roles, preferably within large/multi-national organization;
  • Professional certification: Security certification of one or more of the following: CISSP, CCSP, CISA, CRISC, CISM, CGEIT;
  • High degree of professionalism, work ethic, integrity and passion for Information Technology and Security;
  • Proven leadership qualities and ability to build strong working relationships;
  • Self-directed with ability to work independently, prioritize and execute autonomously;
  • A Team player with ability to communicate and collaborate effectively across the organization and operate effectively with multiple cross-departmental teams towards a shared goal;
  • Strong problem solving and critical thinking skills;


  • Practical and deep knowledge of security risk management methodologies and frameworks;
  • Extensive cybersecurity consulting experience for large IT projects;
  • Experience in conducting assurance testing on User Access Controls (Identity and Access Management),  Systems (Vulnerability Assessments) , Networks (Firewall policy reviews) and Applications (Static and Dynamic Application Testing);
  • Experience in assessing third party service providers;
  • Experience with enterprise security platforms and architectural design;
  • Familiarity with latest security vulnerabilities, advisories, incidents, penetration techniques, attack vectors, and countermeasures;
  • Strong understanding of cyber security concepts, protocols, industry best practices, strategies, frameworks and regulations such as International Standards Organization (ISO) 2700x, NIST Cybersecurity Framework, Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley (SOX).
  • Understanding of the Software Development Life Cycle and Development Operations (DevOps) principals.
  • Experience working in Agile Framework a definite asset.
  • Demonstrated strong technical writing and communication skills.

What’s in it for you?

Our experience-based salaries are competitive, and we provide advice and dedicated assistance to those moving to Sofia.

Your package will include:

  • Health and Dental Insurance for you, your partner and your children (if you all live at the same address)
  • A personal interest allowance to let you learn something new or pursue a hobby
  • A great yearly bonus based on performance
  • A 1,000 BGN as congratulations if you have a baby whilst you work for us
  • Personal e-learning courses and training supporting the development in your career
  • 22 days annual leave
  • A sports’ card membership valid across the country
  • In-house yoga and gymnastic classes, as well as dances
  • Discounts as a compliment form us among different services
  • Free snacks, fruits and drinks in the office

What happens next?

If you’re what we’re looking for, next up will be a short Zoom interview. And if that goes well, we’ll meet you for a 1-hour technical Zoom interview.

The Group

PokerStars is part of Flutter Entertainment Plc, a global sports betting, gaming and entertainment provider headquartered in Dublin and part of the FTSE 100 index of the London Stock Exchange. Flutter brings together exceptional brands, products and businesses and a diverse global presence in a safe, responsible and ultimately sustainable way.

We are an equal opportunity employer that values diversity. We do not discriminate on any protected characteristic as defined by applicable law.

We will look to provide reasonable accommodation for applicants with disabilities to participate in the job application or interview process. If you need assistance, please contact:

Please note we cannot accept general applications; this inbox is just for providing support to those who need it.


Our FAQs

We hope that we’ve answered as many of your questions about working at the PokerStars as possible, but if you still have some questions, why not try visiting our FAQ page?

Find your answers here