Senior Cyber Security Analyst

Blip is a leading tech company focused on software engineering solutions for sports entertainment.

We operate at scale. As part of Flutter Entertainment, we play an essential role in the Group's goal of becoming the global leader in online sports betting and iGaming, developing innovative products and platforms for over 14 million monthly customers worldwide.

We are serious about Tech. We are problem-solvers with big ambitions, keeping a people-first mindset at the core of our work. We prioritize flexibility as we strive to deliver the best technological products and tackle the greatest industry challenges.

Recognizing that everyone brings their own strengths, backgrounds and new perspectives, we empower you to be yourself. That uniqueness shapes the culture of belonging we are so proud of.

Flutter Functions is a new, vibrant, and rapidly growing centre of excellence within Flutter Group—home to some of the most talented technologists, product innovators, and business leaders in the industry. We're building the next generation of secure, scalable, and intelligent digital platforms that power Flutter's global operations.

In Flutter Functions Security, we're at the forefront of cyber security maturity and innovation. We're leading the NIST uplift initiative, pioneering best-in-class approaches to AI security and fundamentally transforming how we think about security assessment and assurance. We're not just defending against today's threats—we're architecting security into tomorrow's technologies and building a culture where security is seen as a strategic enabler.

If you're passionate about building secure systems at scale, thrive in fast-paced environments where emerging technologies demand fresh thinking, and want to make a tangible impact on the security posture of a truly global organisation, Flutter Functions is the place for you.

The Role​

Provide Subject Matter Expert (SME) technical knowledge and strategic security advisory across the Flutter Cyber Security team and divisions, ensuring industry best practice and internal security policies are consistently applied, regulatory compliance is maintained, and cyber risks are systematically identified, assessed, and understood. Act as a trusted security advisor and business partner to divisional technology and business stakeholders, delivering proactive, pragmatic guidance that empowers teams to embed security thinking into their decision-making, designs, and delivery — positioning security as a natural enabler of Flutter's strategic objectives rather than a barrier to them.

What You'll Be Doing

• Serve as a trusted Cyber Security advisor and business partner to assigned divisions, building a deep understanding of their technology landscape, strategic roadmaps, and operational priorities to deliver contextually relevant, pragmatic security guidance.
• Proactively engage with technology and business teams from the earliest stages of new initiatives, programmes, and product development — embedding security by design and directing teams towards secure decisions before issues arise.
• Develop and maintain a thorough understanding of the cyber security risks and threats facing Flutter's divisions, using that insight to direct teams towards targeted, meaningful security improvements.
• Lead cyber security assessments on Group-wide systems, translating findings into clear, prioritised guidance that directs technical and business teams to address vulnerabilities and strengthen their security posture.
• Translate complex cyber security risk into clear, business-relevant language, providing senior stakeholders with actionable advice and facilitating risk-based decisions — acting as an objective broker between security requirements and business priorities.
• Partner with divisional technology and business teams to drive tangible improvements to cyber security controls, acting as a guide and advocate for making the wider group more resilient against internal and external threats.
• Provide forward-looking security guidance on emerging technologies, architectural decisions, and digital transformation initiatives, ensuring security is integrated into design choices rather than retrofitted post-delivery.
• Collaborate with business and technology owners to ensure remediation plans are pragmatic, risk-proportionate, and effectively implemented — driving progress through influence and ongoing engagement rather than oversight alone.
• Evaluate the security of third-party solutions at onboarding and through regular review cycles, providing clear direction to business and procurement teams on required security standards and risk mitigations.
• Represent the Cyber Security function in divisional technology governance forums, architecture review boards, and business planning sessions, ensuring security is a standing consideration in strategic and operational decision-making.
• Champion a security-aware culture across assigned business areas by developing and delivering targeted awareness initiatives tailored to specific audiences — going beyond generic training to address real and relevant risks.
• Support the development of security policies and standards where required, ensuring they are practical, relevant, and communicated in a way that empowers teams to act rather than simply comply.
• Work closely with key public- and private-sector partners, security forums, and peer organisations to develop expertise, share best practices, and collaborate on cyber security risk mitigation strategies.
• Participate in governance and oversight forums and committees as required.

What You’ll Bring

• Building Support  — We establish close relationships with our stakeholders, underpinned by trust, integrity, and respect. We build awareness, understanding, and positive momentum behind the Group technology strategy, often without being in a position to assert authority.
• Trusted Advisory  — We position ourselves as a credible, go-to source of security expertise, building relationships where stakeholders proactively seek our guidance rather than viewing security as a compliance gate.
• Objective  — We are impartial and unbiased, ensuring equal treatment for all and that decisions are based on objective criteria.
• Collaboration  — We work effectively and in partnership with our stakeholders on shared goals that align towards the achievement of the Group technology strategy. We foster a collaborative environment and assume the role of leader when required.
• Influencing Without Authority  — We lead through expertise, credibility, and relationship capital, effecting meaningful security improvement across divisions and hierarchies without relying on mandates or enforcement.
• Adaptable  — We understand and appreciate different and opposing perspectives on an issue and can adapt our approach in order to achieve a successful outcome.
• Strategic Thinking  — We think about the big picture and use that perspective to support our divisions in achieving competitive advantage through greater agility, faster time to market, and a better customer experience.
• Strategic Communication  — We are proactive and considered in our approach to stakeholder communications. We actively listen, provide constructive feedback, and help others consider new perspectives.
• Commercial Awareness  — We understand the business context in which security operates, balancing risk with commercial objectives, delivery timelines, and customer experience to provide pragmatic, proportionate recommendations.

We’d Like You to Master In

• An information security professional with a deep understanding of Cyber Security risk.
• Solid technical knowledge of security-related technologies and industry standard processes across all Cyber Security risk areas.
• Proven experience in defining Cyber Security policy, standards, and controls.
• Strong working knowledge and experience of current IT Security frameworks such as ISO 27001, NIST, ISF, UKGC, and Data Protection.
• Knowledge of GDPR and the EU AI Act is highly desirable.
• Demonstrable experience operating in a Security Business Partner, Security Engagement Lead, or equivalent advisory capacity, with a track record of building trusted relationships with technology and business stakeholders across a complex, multi-divisional organisation.
• Proven ability to provide pragmatic, risk-based security guidance that balances rigorous security principles with business realities, delivery constraints, and commercial objectives.
• Familiarity with Secure-by-Design and Shift-Left security principles, and experience embedding these into software development lifecycle (SDLC) and agile delivery frameworks.
• Strong ability to adapt to frequent changes and deal with ambiguity.
• Strategic thinking which can translate into a long-range vision for driving down Cyber Security risk across the divisions.
• Inquisitive, disciplined, and logical thinker who possesses strong investigative and analytical qualities that translate into providing independent and objective analysis of Cyber Security risk.
• Proven ability to engage and influence at senior levels (Director, VP, C-suite) as well as at working levels (engineering teams, product managers), with the ability to flex communication style accordingly.
• Excellent verbal and written communication skills with the ability to modify style to influence technical and business stakeholders.
• Results-oriented with the ability to influence outcomes with pragmatic recommendations and guidance.
• A methodical approach to organising workload to ensure deadlines are met.
• Desirable:  Background in enterprise architecture, solution design, or technology consulting, providing credibility when engaging with technical design decisions.