CyberSecurity Governance Specialist - ISMS Manager

CyberSecurity Governance offers Internal and External services relating to Compliance, Standards, Regulations, and Information Security to ensure alignment of our Technology offering with the obligations that the organization is exposed to.

These requirements come mainly from the Regulatory Compliance team but are also defined by other stakeholders such as Finance, Payments, Marketing etc.

This is a position for an experienced compliance professional who wishes to start a role within a busy global Cybersecurity team. As a Cybersecurity Governance Specialist responsible for Entain's Global ISMS schedule, you will ensure that the operations of Entain adhere to our Cybersecurity and Technical Compliance requirements, requiring designing and implementing improvements to address identified gaps and to help adapt the security posture of the organisation to the evolving global threat and regulatory landscape

What you will do

• Own and operate Entain's Global ISO/IEC 27001:2022 ISMS assurance schedule, ensuring timely execution of internal audits, control reviews, and external audit readiness.
• Management of Security Policies and relevant procedures.
• Plan, prioritise, and coordinate ISMS activities and resources to maintain continuous compliance with ISO/IEC 27001:2022 requirements.
• Lead the management and remediation of non‑conformities, including root cause analysis, corrective actions, and evidence tracking.
• Contribute to ISMS risk and remediation forums, ensuring issues are assessed, tracked, and resolved in line with risk appetite.
• Act as the primary coordination point for internal security reviews and external certification audits, including auditor engagement, audit planning, and logistics.
• Produce clear, accurate, and executive‑ready communications relating to audit outcomes, assurance status, and remediation progress.
• Apply strong working knowledge of cybersecurity frameworks, terminology, and technology governance processes to support effective assurance activities.
• Support the design and evolution of ISMS controls to address emerging threats, regulatory changes, and business transformation.
• Build strong relationships with internal stakeholders and business sponsors to ensure ISMS activities are delivered with minimal operational disruption.
• Translate complex technical and IT concepts into clear, accurate assurance and audit requirements.
• Identify, escalate, and manage audit risks, conflicts, and delivery issues in a timely and professional manner.
• Drive technical compliance reviews and promote awareness of ISMS framework control requirements across the organisation.