open positions

Senior SOX IT Controls Analyst

New York City

ABOUT FANDUEL

FanDuel Group is the premier mobile gaming company in the United States and Canada. FanDuel Group consists of a portfolio of leading brands across mobile wagering including: America’s #1 Sportsbook, FanDuel Sportsbook; its leading iGaming platform, FanDuel Casino; the industry’s unquestioned leader in horse racing and advance-deposit wagering, FanDuel Racing; and its daily fantasy sports product.  

In addition, FanDuel Group operates FanDuel TV, its broadly distributed linear cable television network and FanDuel TV+, its leading direct-to-consumer OTT platform. FanDuel Group has a presence across all 50 states, Canada, and Puerto Rico.

The company is based in New York with US offices in Los Angeles, Atlanta, and Jersey City, as well as global offices in Canada and Scotland. The company’s affiliates have offices worldwide, including in Ireland, Portugal, Romania, and Australia.

FanDuel Group is a subsidiary of Flutter Entertainment, the world's largest sports betting and gaming operator with a portfolio of globally recognized brands and traded on the New York Stock Exchange (NYSE: FLUT).


THE POSITION
Our roster has an opening with your name on it

FanDuel is seeking a dynamic and experienced Senior SOX IT Controls Analyst to add to its first line of defense (1LOD) Technology & Cyber Governance, Risk & Controls (GRC) team. This role will serve as the central point of contact for addressing all ITGC inquiries, managing escalations related to SOX IT control issues, and partnering with internal and external stakeholders to ensure compliance with regulatory requirements and will work closely with Enterprise Risk and Flutter Internal Controls for alignment with 2LOD Divisional and 2LOD Group SOX strategies. This role will report to the Technology Regulatory and Controls Senior Manager and will play a pivotal role in defining robust controls and processes to adhere to the company’s compliance obligations with SEC and SOX regulations. The ideal candidate will bring extensive experience in IT SOX audits, controls testing, and risk management, while fostering collaboration across departments. 

In addition to the specific responsibilities outlined above, employees may be required to perform other such duties as assigned by the Company. This ensures operational flexibility and allows the Company to meet evolving business needs.


THE GAME PLAN
Everyone on our team has a part to play

  • Liaise with the SOX Testing team and key stakeholders to ensure FanDuel’s overall compliance with SOX Section 404 requirements, including but not limited to:
    • Collaborate with Technology, Cybersecurity, Finance, Enterprise Risk, and SOX testing / audit teams for all matters related to SOX IT General Controls (ITGC)
    • Respond to inquiries and escalations related to SOX ITGCs from internal and external auditors, ensuring timely resolution and clear communication
    • Work in lockstep with SOX Accounting and SOX Risk Program Management to ensure scope alignment and audit support
    • Drive efforts to improve SOX IT scoping strategies, develop a comprehensive understanding of applicable IT and business processes, and support the maintenance of integrated IT and business process, risk and control framework documentation
    • Consult on the control design and implementation of required and repeatable ITGCs with process owners to meet regulatory requirements, including for new products, processes and system implementation launches ensuring appropriate internal controls are in place prior to launch
    • Create and improve SOX ready documentation (e.g., narratives, flow charts, IT process & control descriptions)
    • Coordinate dynamic ITGC testing schedules defined by Flutter Internal Controls and/or external audit with stakeholders that fit business capacities while still meeting regulatory deadlines
    • Evaluate and track reported control deficiencies, root causes, and planned corrective actions in conjunction with IT and business process owners to ensure timely and accurate resolution
    • Contribute to regular reports to senior leadership, Enterprise Risk, Flutter Internal Controls, and other stakeholders on the status of SOX IT compliance, control issues, and remediation progress
  • Strive to continuously improve the SOX program to be more efficient and effective through optimization and automation:
    • Support the stand up of a continuous controls monitoring tool by ensuring SOX ITGC requirements are defined and in place to enable SOX readiness including automated ITGC evidence gathering and testing efforts
    • Support the integration of IT SOX controls with broader compliance initiatives, including PCI DSS, SOC2, and other regulatory requirements as needed 
  • Serve as a subject matter expert on SOX ITGCs and provide guidance on ITGC-related matters thru cross functional discussions and workshops to foster a proactive risk management culture and alignment with SOX requirements and company objectives
  • Support training and communications as needed on relevant IT general control practices for the technology & cyber community
  • Stay abreast of evolving technology & cyber threats, news, and trends to enhance risk and control management strategies
  • Assist with special risk assessment and department initiatives, as assigned
  • Maintain procedures, playbooks, virtual webpages, and metrics dashboards surrounding SOX ITGC effectiveness
  • Mentor and guide junior team members, sharing expertise and promoting continuous professional development


THE STATS
What we're looking for in our next teammate

  • Bachelor’s degree preferred in a technical field (e.g., Cybersecurity, Information Technology) or equivalent combination of education, training, and relevant experience
  • 5+ years of relevant work experience in public accounting, internal auditing, and/or in SOX industry experience. Technology or Software industry experience preferred
  • Hands-on experience executing and managing cybersecurity assessments in a heavily regulated industry, including writing, documenting, and assessing risks/controls and drafting business process summaries for executives
  • Strong IT & security risk domain knowledge of technology and cybersecurity best practices, principles, tools, and industry control frameworks (e.g., SOX, GLI, NIST CSF, SOC2, PCI, CIS Critical Controls, COBIT, ITIL, CMMI)
  • Experience with designing testing approaches for ITGCs, ITACs, Interface Monitoring and related supporting controls
  • Understand the ITGC relationship with financial reporting to properly scope a SOX environment
  • “Stay Hungry, Stay Humble” mindset that strives to continuously learn and share new skills with others, and embraces a steep learning curve to understand our business and technology drivers to get the job done
  • “Anything Is Possible” attitude that is highly organized and results-driven to solve our most important challenges
  • Comfortable navigating shifting priorities in a fast-paced environment, with the ability to work independently with minimal supervision while also as an exceptional team player that excels at cultivating relationships and promoting collaboration and cohesiveness to fulfill our “We Are One Team” principle
  • Ability to translate risk/control standards into functional business requirements
  • Strong written and verbal communication skills to articulate risk/control insights to both technical and non-technical stakeholders
  • Proficient working with Microsoft Office 365, GRC and project management tools (e.g., JIRA, AuditBoard, Anecdotes)
  • Relevant professional certifications such as CISA, CISSP, CPA, CISM, or CRISC are preferred


PLAYER BENEFITS
We treat our team right

We offer amazing benefits above and beyond the basics. We have an array of health plans to choose from (some as low as $0 per paycheck) that include programs for fertility and family planning, mental health support, and fitness benefits. We offer generous paid time off (PTO & sick leave), annual bonus and long-term incentive opportunities (based on performance), 401k with up to a 5% match, commuter benefits , pet insurance, and more - check out all our benefits here: FanDuel Total Rewards. *Benefits differ across location, role, and level.

FanDuel is an equal opportunities employer and we believe, as one of our principles states, “We are One Team!”. As such, we are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, creed, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, veteran status, or another other characteristic protected by state, local or federal law. We believe FanDuel is strongest and best able to compete if all employees feel valued, respected, and included.

The applicable salary range for this position is $138,000 - $173,000 USD, which is dependent on a variety of factors including relevant experience, location, business needs and market demand. This role may offer the following benefits: medical, vision, and dental insurance; life insurance; disability insurance; a 401(k) matching program; among other employee benefits. This role may also be eligible for short-term or long-term incentive compensation, including, but not limited to, cash bonuses and stock program participation. This role includes paid personal time off and 14 paid company holidays. FanDuel offers paid sick time in accordance with all applicable state and federal laws.

 

#LI-Hybrid