Security Governance Specialist

This role is a key part of the Security Governance function within the InfoSec team, focusing on managing the security governance, risk, and compliance framework. The primary responsibility is overseeing Betsson Group’s Business Continuity Management (BCM) and Business Resilience efforts. The Security Governance Specialist will manage documentation, coordinate testing, and ensure adherence to ISO27001, PCI-DSS, and other security standards while serving as a central point of reference for Business Continuity Management and Business Resilience efforts. The specialist will work closely with internal and external stakeholders to ensure preparedness for crises, ensuring minimal operational impact during business interruptions.

• Develop, implement, and maintain tailored business continuity management frameworks, and strategies, that adhere to industry best practices and comply with applicable regulatory requirements and business objectives
• Perform business impact analysis to identify critical business functions, and dependencies, and establish recovery time objectives (RTOs) and recovery point objectives (RPOs)
• Assist in the creation, maintenance, and coordination of testing around BCPs for all critical business units, ensuring robust preparedness for various disruptions (e.g., cyber incidents, natural disasters)
• Assist in the design and implementation of crisis management plans, and disaster recovery plans to minimize operational disruptions and ensure the continuity of critical services
• Facilitate BCM Working Group monthly meetings with key stakeholders, track action items, ensure alignment on BCM objectives, and prepare performance status reports for senior management, highlighting areas for improvement and key updates
• Organize and maintain a central repository for all BCM-related documentation (BIA, BCPs, DRPs), ensuring it is up-to-date, easily accessible, and regularly reviewed for accuracy and completeness
• Provide guidance and training to key internal stakeholders on business continuity management principles, policies, and procedures to ensure organizational readiness
• Interface with various teams to manage audits, findings and remediation actions
• Act as the central point of reference for all matters related to BCM, promoting good governance practices across the organization whilst maintaining and upholding system ISO27001 and PCI-DSS assurance accreditation materials
• Additional responsibilities pertaining to security governance may be allocated at the discretion of the Security Governance Manager, in alignment with the evolving requirements of the organization.

• Knowledge of IT security within an infrastructure environment
• Knowledge of data privacy laws and regulations and the associated security controls required to meet compliance
• Proven knowledge of ISO27001 standard, NIST security standards, PCI-DSS requirements
• A first degree in a Computer Science related subject
• Industry-standard certifications such as CISM/CISA are an asset
• 2/3+ years’ progressive experience in Security, Governance, Risk, Compliance or related professional area
• 2/3+ years’ experience working with enterprise security risk management frameworks and processes (e.g., ISO2700X, NIST, Cloud Security Alliance)
• 2/3+ years’ experience in facilitating and conducting security assessments related to PCI-DSS, ISO27001, NIST 800-53 and Cybersecurity Framework audits

• Strong knowledge of Business Continuity Management, as well as Business Continuity, Crisis management, and Disaster Recovery plans
• Solid knowledge of IT security within modern environments, including data privacy laws and security controls to meet regulatory compliance requirements
• Proven knowledge of the ISO 27001:2022 and ISO 22301 standards, NIST security standards, PCI-DSS requirements
• Bachelor’s degree in computer science or a related field with first-class honours
• Industry-standard certifications (e.g., ISO 22301 Lead Implementer/CBCP/MBCI, CISA) are advantageous
• 2+ years working on Business Continuity Planning projects
• 2-3 years’ progressive experience in Security, Governance, Risk, Compliance or related professional area
• 2-3 years experience working with enterprise security risk management frameworks and processes (e.g., ISO2700X, NIST, CIS-CSAT)
• Strong verbal and written communication skills with the ability to articulate and interpret legal obligations and security requirements
• Knowledge of business environments and service requirements, particularly in sectors like gaming or hospitality
• Experience working with cross-functional, sourced, or matrixed team
• Proven ability to effectively prioritize and execute tasks in a fast-paced environment
• Familiarity with GRC systems and processes, strong organizational skills, and problem-resolution abilities
• Experience in business systems and process planning.

Much like riding a rollercoaster, sometimes life at Betsson can be lightning-fast with twists and turns but always FUN! Then again, what else would you expect from a business 75% millennial and 1700 strong, spread across 7 offices with 900 based out of our Malta HQ alone? We recognise it may not be for the faint-hearted, but if you’re a go-getter, initiator and adrenaline junkie, always striving to push the boundaries and challenge yourself, then you’ll fit right in.

If you are interested to learn more, please apply with your CV in English.

Check out the Betsson Group Blog to find out what our employees are talking about

By submitting your application, you understand that your personal data will be processed as set out in our Privacy Policy