Our mission is to dominate the betting and gaming industry on a global scale and we need the very best Tech talent to help us achieve this.
We recently migrated all of our customers onto our very own proprietary platform - so it's an exciting time to join us. With the help of our new platform, we're able to pioneer new products and drive more advanced, creative technologies. The result? Unrivalled experiences for millions of customers worldwide.
Betfred's Technology department is driven by innovation, and you'll be at the heart of unlocking our new platform's potential. So, if you want to help shape the future of betting and gaming, then it's time to join us.
Job Purpose
As a Principal Cyber Security Analyst, you will play a strategic role in safeguarding the organisation's assets, both in the UK and internationally. You will collaborate with the business and the broader IT team—including Infrastructure, Network, Development, Platform Engineering, and Service Desk teams—to provide governance and security for existing and new services. Your role is pivotal in driving the organisation's cybersecurity vision, aligning security initiatives with business objectives, and ensuring the company remains resilient against emerging threats.
Broad technical knowledge and ITIL experience in Incident, Request, Change, Problem, Release, Event, and Knowledge management are required. You must be forward-thinking, customer-focused, and self-motivated, with a passion for improving IT services and enhancing the user experience. You will demonstrate strong organisational skills and a systematic, disciplined, and analytical approach and be accountable for your daily workload.
You will provide technical leadership to the Information Cyber Security Team and support the Information Security and Compliance Manager in ensuring that the business is protected against cyber security threats and that data is kept secure at all times. This includes proactive planning, rapid responses to security threats and incidents, and serving as an escalation point for other team members. The team is responsible for all sites in the UK and Gibraltar, with advisory responsibilities for international sites in South Africa.
Job Duties
* Shape and drive the organisation’s cybersecurity strategy, aligning security initiatives with broader business objectives.
* Ensure that the Group CIO, Head of Technical Operations, and Information Security & Compliance Manager are informed of progress and alerted to major issues in a timely manner.
* Analyse security events, identify issues and recommend solutions to mitigate risks.
* Stay up-to-date with current and emerging threats, technologies, and solutions, with a focus on cloud security, Zero-Trust architecture, and DevSecOps practices.
* Work with Infrastructure, Network, Service Desk, and Development teams to provide leadership and expertise in information and cyber security best practices.
* Implement and manage a layered security approach, including vulnerability scanning, threat hunting, and leveraging threat intelligence platforms.
* Lead and improve the monitoring, reporting, and security incident alerting processes, utilising security automation tools where possible.
* Research, evaluate, and recommend security solutions and develop new and existing SOC processes for a rapidly changing landscape.
* Lead projects involving penetration testing, vulnerability assessments, and security investigations, including incidents involving malware, data loss, or network intrusion.
* Develop and maintain security procedures, standards, and documentation, ensuring compliance with ISO27001, PCI-DSS, GDPR, CCPA, and other relevant regulations.
* Support the Information Security & Compliance Manager in cybersecurity and regulatory audits.
* Take ownership of escalated tickets, investigate issues, and collaborate with team members and support functions to resolve them promptly.
* Identify opportunities for automation and continuous improvement in security processes and services.
Knowledge, Skills and Experience
* Expertise in SIEM solutions, Endpoint Protection (EDR), and Data Loss Prevention (DLP) tools.
* Proficient in Email Security, Office 365, and CASB (Cloud Access Security Brokers).
* Strong knowledge of public and private cloud environments, particularly AWS, Microsoft Azure, and cloud-native security solutions.
* Knowledge of firewall, WAF, and IDS/IPS technologies.
* Familiarity with Zero Trust security models and DevSecOps practices.
* Hands-on experience with security investigations, incident response, and leading security operations.
* Deep understanding of key infrastructure components, including ADS, DNS, email security, endpoint security, and virtualisation technologies.
* Experience with regulatory standards and compliance frameworks (ISO27001, PCI-DSS, GDPR, CCPA).
* Proven track record in leading and managing Incident Response, with strong ITIL experience.
* Excellent communication and leadership skills, with the ability to influence cross-functional teams and present complex security concepts to non-technical stakeholders.
* Relevant degree in a computer-related subject or equivalent experience in Cyber Security.
* Familiarity with industry-standard security tools such as Splunk, Palo Alto, Fortinet, SentinelOne, or similar SIEM and EDR platforms.
What is in it for me?
* £65,000 - £80,000 per annum, depending on experience
* Flexi-time (start anywhere between 7am and 10am)
#J-18808-Ljbffr