Cyber GRC Engineer Porto

Cyber GRC Engineer
Porto
Porto, Porto District, Portugal

Blip is a leading tech company focused on software engineering solutions for sports entertainment.

We operate at scale. As part of Flutter Entertainment, we play an essential role in the Group's goal of becoming the global leader in online sports betting and i
Gaming, developing innovative products and platforms for over 14 million monthly customers worldwide.

We are serious about Tech. We are
- solvers with big ambitions, keeping a
- first mindset at the core of our work. We prioritize flexibility as we strive to deliver the best technological products and tackle the greatest industry challenges.

Recognizing that everyone brings their own strengths, backgrounds and new perspectives, we empower you to be yourself. That uniqueness shapes the culture of belonging we are so proud of.

The role

As a Cyber GRC Engineer, you will be responsible for supporting the design, implementation, and ongoing management of our GRC platform and our automated assurance framework. You will work closely with internal teams to ensure that the company adheres to industry standards, regulatory requirements and best practices related to cyber risk management and compliance. Your expertise will be key in integrating and maintaining
- edge tools that ensure our controls are automatically and continuously monitored. This role offers a unique opportunity to work closely with diverse teams, continuously optimising our systems to support our Governance, Risk, and Compliance (GRC) objectives.

What You’ll Be Doing

• Develop and integrate advancing tooling and technologies to ensure that security controls are effectively automated and continuously monitored.
• Ensure seamless implementation and configuration of toolsets with relevant internal systems and applications.
• Integrate automated assurance platform with relevant workflow tools such as Jira and Slack.
• Maintain and optimize the automated assurance toolset to ensure it operates efficiently and effectively.
• Manage regular updates and integrate new features as they become available.
• Implement automated solutions to mitigate potential threats and vulnerabilities.
• Continuously strive to identify opportunities for controls uplift and automation across both Cyber and the wider Technology infrastructure.
• Maintain high standards of security and risk management in line with relevant standards (NIST CSF, ISO 27001) by leveraging automation.
• Work with IT, security, risk and compliance, internal controls and audit teams to ensure the platform meets their needs.
• Train relevant staff on the use and benefits of the automated assurance tool.
• Monitor the effectiveness of automated controls, driving continuous improvements to maintain robust security and compliance.
• Create and maintain comprehensive documentation for the tool’s configuration, usage, and maintenance.
• Generate regular reports on the tool’s effectiveness and the organization’s compliance status.
• Utilise the tool to identify, assess, and mitigate cybersecurity risks.
• Generate automated risk reports and dashboards for management review.

What You’ll Bring

• Excellent
  - solving skills and the ability to analyse complex challenges
• Strong interpersonal and
  - building skills
• Focused on developing knowledge and skills
• Self-motivated with a ‘get-out-there’ attitude focused on continuous improvement
• Strong focus on prioritisation and understanding
  - offs
• Willing to challenge the status quo
• Enjoy and comfortable within both individual and team environments
• Excels in
  - moving and dynamic environments
• Experience in integrating security tooling.
• Expertise in implementing automated assurance tools is desirable although not essential
• Knowledge of industry standards such as NIST CSF, ISO27001, or PCI-DSS is highly desirable.
• Proven experience in Cyber controls assurance (e. g. advisory, internal or external audit roles) is desirable although not essential
• Proficiency in scripting languages (e. g. , Python, Power
  Shell) to automate processes and tasks.
• Ability to manage projects, including planning, execution, and monitoring
• Experience in working with technologies such as AWS, Service
  Now, Jira, Okta, Crowdstrike etc. is desirable
• Additional technical knowledge in AWS such as writing Lambda functions, creating AWS SCPs and Cloud
  Formation templates as well as working with services such as Config and Security
  Hub would also be advantageous
• Familiarity with GRC tools is an advantage
• Experience in performing proof of value (POV) exercises of Cyber security tooling is an advantage

This is what you should have. What do we have, you ask? Well. . . you can check our amazing perks & benefits right here !

So. . . are you in?

Equal opportunities

At Blip, we are committed to creating a diverse and inclusive workplace. We strongly encourage people from all backgrounds, ways of thinking, and working to apply.
We are committed to including everyone regardless of their race, disability, age, gender identity, sexual orientation, and religion.
Everyone brings different perspectives and experiences; you don’t have to meet all the requirements listed to apply for this role.

If you need any adjustments to apply for the position and to ensure this role aligns with your needs, please send an email toaccommodations@blip. pt.

We will only respond to inquiries related to disabilities.