CyberSecurity Governance Specialist - ISMS Manager
CyberSecurity Governance offers Internal and External services relating to Compliance, Standards, Regulations, and Information Security to ensure alignment of our Technology offering with the obligations that the organization is exposed to. These requirements come mainly from the Regulatory Compliance team but are also defined by other stakeholders such as Finance, Payments, Marketing etc. This is a position for an experienced compliance professional who wishes to start a role within a busy global Cybersecurity team. As a Cybersecurity Governance Specialist responsible for Entain's Global ISMS schedule, you will ensure that the operations of Entain adhere to our Cybersecurity and Technical Compliance requirements, requiring designing and implementing improvements to address identified gaps and to help adapt the security posture of the organisation to the evolving global threat and regulatory landscape.
- Own and operate Entain's Global ISO/IEC 27001:2022 ISMS assurance schedule, ensuring timely execution of internal audits, control reviews, and external audit readiness.
- Management of Security Policies and relevant procedures.
- Plan, prioritise, and coordinate ISMS activities and resources to maintain continuous compliance with ISO/IEC 27001:2022 requirements.
- Lead the management and remediation of non‑conformities, including root cause analysis, corrective actions, and evidence tracking.
- Contribute to ISMS risk and remediation forums, ensuring issues are assessed, tracked, and resolved in line with risk appetite.
- Act as the primary coordination point for internal security reviews and external certification audits, including auditor engagement, audit planning, and logistics.
- Produce clear, accurate, and executive‑ready communications relating to audit outcomes, assurance status, and remediation progress.
- Apply strong working knowledge of cybersecurity frameworks, terminology, and technology governance processes to support effective assurance activities.
- Support the design and evolution of ISMS controls to address emerging threats, regulatory changes, and business transformation.
- Build strong relationships with internal stakeholders and business sponsors to ensure ISMS activities are delivered with minimal operational disruption.
- Translate complex technical and IT concepts into clear, accurate assurance and audit requirements.
- Identify, escalate, and manage audit risks, conflicts, and delivery issues in a timely and professional manner.
- Drive technical compliance reviews and promote awareness of ISMS framework control requirements across the organisation.
- ISO/IEC 27001:2022 Lead Auditor certification (required)
- Minimum 5 years' experience managing or coordinating an ISMS schedule for a large or complex organisation (required)
- Demonstrable experience supporting or participating in ISMS Steering Committees (required)
- Experience working with Enterprise Risk Management functions (required)
- Proven experience coordinating non‑conformity remediation activities (required)
- Strong experience working with external certification bodies and auditors, including audit scheduling and preparation (required)
- Excellent written and verbal communication skills (required)
- Discounts with hundreds of retailers through Entain Deals.
- Pension Scheme and annual ShareSave.
- Healthcare and wellbeing support.
- Development opportunities.
- And outside of this, you'll have the chance to turn recognition from leaders and colleagues into amazing prizes.
Entain is one of the world's largest sports betting and gaming entertainment groups and a FTSE 100 company. Formed when GVC Holdings rebranded as Entain in December 2020, its brands trace their history back to the 1880s and include bwin, Coral, Foxy, Gala, Ladbrokes and partypoker. Through its joint venture with MGM Resorts International, it powers BetMGM in the United States with its proprietary technology. Headquartered in London, Entain employs over 30,000 people with offices across 19 countries.

