Head of Threat & Intelligence and Incident Response - Flutter Group, Hybrid

Head of Threat & Intelligence and Incident Response - Flutter Group, Hybrid

This role at a glance:

Reporting to the Group CISO, the Head of Threat & intelligence and incident response will lead the Flutter Cyber Operations & Response team and being a part of the Flutter cyber Leadership Team.

The role will provide leadership and subject matter expertise to design, implementation and management of cybersecurity operational capability across the group.

The Head of Threat & Intelligence and Incident Response will provide strong leadership: supporting and challenging the team to be their best selves, whilst developing talent through career progression.

The role will supervise and direct the x-divisional response team's actions as well as act as the single point of contact for the given incident.

The role leads the Group Operational Security function by strengthening the cyber security resourcing and capabilities to enable secure and innovative Flutter operations.

The role is responsible to build the strategy and the operation of the best in class operational cyber security to stay ahead of the threat landscape, enabling secure, innovative solutions for Flutter.

Responsible for:

• Set the strategy for the Flutter Global Operational Cyber Security, based on the company objectives and risk appetite.
• Cover a wide range of security areas and find the best global solutions based on the strategic vision and analysis.
• Lead the intelligence program within Flutter Group and develop a firm-wide intelligence standard.
• Provide end-to-end global accountability of timely and accurate intelligence analysis that enables Citi to mitigate threats across the globe and in support of our security, crisis management, and investigative programs and responsibilities.
• Develop and maintain an intelligence strategy for the firm and ensure execution of that strategy.
• Serve as a key member of the Flutter cyber leadership team and work collaboratively at all levels across business functions and with multiple constituents.
• Build and maintain relationships with similar intelligence teams across the private sector and with appropriate government agencies.
• Manage strategic, specialized, and complex intelligence analysis for various Flutter functions and businesses.
• Demonstrate situational judgment and interpersonal, negotiation, and networking skills to collaboratively build strong working relationships with intelligence partners internal and external to Flutter.
• Demonstrate ability to lead teams that review large bodies of information and synthesize for inclusion in comprehensive, relevant briefings under tight time constraints.
• Prioritize and perform multiple tasks; change focus quickly as demands change in a fast-paced, time constrained environment.
• Provide direct strategic management guidance to Flutter senior leadership and leaders across Divisions and functions.
• Drive results and accountability across all levels of the global team, while encouraging high standards and stressing the importance of continuous development.
• Manage budget, year-end compensation pool and expense approvals for the team.
• Translate multi-year goals into fundamental key performance indicators to diagnose trends and support business decisions.
• Assess risk appropriately when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Flutter Group, its customers and assets, by driving compliance with applicable laws, rules and regulations, adhering to policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of others and create accountability with those who fail to maintain these standards.
• A deep understanding of the intelligence cycle and its application in a dynamic and complex environment.
• Lead a team of skilled professionals with expertise in intelligence, governance, budgets and financing, technology, training, risk, and control management.
• Cocreate with key brand and divisional decision makers the strategy, following the business objectives. Promote cyber security resilience and reduce the incidence and severity of cyber security breaches
• Influence and negotiate with divisional senior stakeholders and the group the most effective solutions to achieve the final global outcome. Build and present business cases for future strategic investments.
• Work with subject matter experts and external partners to assess cyber security risks and threats facing Flutter to ensure divisions cyber security maturity and threat landscape is well understood
• Develop the cross-divisional strategic security testing program to support more systematic assessments of the effectiveness of cyber defences (people, processes, and technology) and identification of vulnerabilities and exposure to malware
• Work with divisions to build effective cyber security response and recovery plans, including crisis management coordination, planning, playbooks and toolkit. Test cyber security incident recovery capabilities with internal and external stakeholders (Divisional system participants, External third parties, etc.) to ensure approaches are consistently used in all scenarios.
• Coordinate joint initiatives with the divisions to modernise and promote the resiliency of divisional and cross divisional technologies
• Test and enhance Flutter’s ability to respond and recover from a ransomware attack, or any other cyber scenario. Coordinate top table exercises for Exco, senior stakeholders, and technical teams
• Lead and coordinate cross divisional Incident response and recovery exercises with internal and external stakeholders. Support Group Crisis Response planning and Data Protection and simulation exercises with specific focus on cyber security
• Provide management of incidents that impact multiple Divisions in coordination with divisional security incident management. Handle cross-divisional cyber security issues efficiently through co-ordination and communication with all stakeholders affected
• Ensure recovery from cyber incidents occurs within an appropriate timeframe including proper communications with both external and internal parties
• Responsible for measurement and reporting of divisional and cross-divisional security incident metrics
• Enhance the tools and data used to analyse, assess, and communicate cyber security threats and vulnerabilities to increase understanding of critical system cyber security vulnerabilities
• Work closely with key public- and private-sector partners, security forums and peer organisations to develop expertise, share best practices, and collaborate on cyber security risk mitigation strategies, policies, and regulations initiatives
• Build cross-divisional capability to ensure forensic investigation is performed effectively. This can include implementing enhanced processes and tools, and retain cyber forensic and technical experts, to conduct effective investigations

Competencies:

• Building Support; we establish close relationships with our stakeholders, underpinned by trust, integrity and respect. We are able to build awareness, understanding and positive momentum behind the Group technology strategy, often without being in a position to assert authority.
• Objective; we are impartial and unbiased, ensuring equal treatment for all and that decisions taken are based on objective criteria.
• Collaborative; we work effectively and in partnership with our stakeholders on shared goals that align towards the achievement of the Group technology strategy. We foster a collaborative environment and assume the role of leader when required.
• Adaptable; we understand and appreciate different and opposing perspectives on an issue and are able to adapt our approach in order to achieve a successful outcome.
• Strategic Thinking; we think about the big picture and use that perspective to support our Divisions to achieve competitive advantage through greater agility, faster time to market and a better customer experience.
• Strategic Communication; we are proactive and considered in our approach to stakeholder communications. We actively listen, provide constructive feedback and help others to consider new perspectives.

Key requirements:

• A solid background in cyber security with extensive expertise in incident management
• 15+ years of experience, including 8-10+ years' managerial experience.
• A deep understanding of the intelligence cycle and its application in a dynamic and complex environment.
• Experience in executing strategic initiatives, change management and delivering results.
• Experience in managing team(s) of excellent problem-solvers with a technical, organizational, and analytical mindset.
• Proven influencing, communication, and consulting skills.
• Experience in operations areas: Organizational management, project management, business operations, technology, conducting/supervising internal investigations, insider threat, security matters, and crisis management.
• Independent thinker with strong analytical and problem-solving skills.
• Experience translating, communicating, and applying business strategies and objectives within own area of responsibility, ensuring that direct reports and functional teams are aligned to overall strategy and objectives.
• Proven experience in articulating and implementing best practices related to your support area.
• Experience in directing and working with teams within a federated organization.
• Skilled leader, mentor, coach.
• Strong communication and presentation skills including communications (written and verbal) with senior-level management.
• Experience of operating and succeeding within a fast-paced online/eCommerce organization
• Demonstrable experience of creating effective long-term strategies for cyber security services, and efficiently implementing them by influencing and leading others.
• Demonstrable experience of leading programmes of work successfully that contribute to the achievement of strategic objectives
• Extensive experience of internal and external stakeholder management
• A solid background in cyber security with expertise across all areas or a more detailed in focus in one or more areas
• Ability to negotiate robustly with strategic vendors to ensure we take full advantage of our scale to manage costs and get value for money
• Strong working knowledge and experience of current IT Security frameworks such as ISO 27001, PCI, NIST, ISF, UKGC and Data Protection, SEC regulation, AI Act 2024
• Strategic thinking which can translate to a long-range vision for driving down Cyber Security risk across the divisions.

What you can expect

• 25 days of annual leave;

• Sharesave scheme;

• ”Flexible Benefits” of your choice;

• Private health insurance (includes dental insurance and health assessments);

• Free parking;

• Thousands of courses online through ‘Udemy'

Ways of working

Flexible working is our way of working! We're a diverse workforce and therefore a 'one size fits all' approach isn't necessarily best. Whatever your personal needs may be, let's have a chat and see how we can accommodate them;

We thank all applicants for their interest, however only the suitable candidates will be contacted for an interview.

By submitting your application online, you agree that: your details will be used to progress your application for employment. If your application is successful, your details will be used to administer your personnel record. If your application is unsuccessful, we will retain your details for a period no longer than two years, in order to consider you for prospective role within the company.