open positions

Staff SOX IT Controls Analyst

New York

ABOUT FANDUEL

FanDuel Group (“FanDuel") is an innovative sports-tech entertainment company that is changing the way consumers engage with their favorite sports, teams, and leagues. The premier gaming destination in the United States, FanDuel consists of a portfolio of leading brands across gaming, sports betting, daily fantasy sports, advance-deposit wagering, and TV/media. 

FanDuel has a presence across all 50 states with approximately 17 million customers and 28 retail locations. FanDuel is based in New York with offices in New Jersey, Georgia, California, Oregon, Canada and Scotland.

Its networks FanDuel TV and FanDuel+ are broadly distributed on linear cable television and through its relationships with leading direct-to-consumer over-the-top platforms.

FanDuel Group is a subsidiary of Flutter Entertainment plc, the world's largest sports betting and gaming operator with a portfolio of globally recognized brands and traded on the New York Stock Exchange (NYSE: FLUT).


THE ROSTER
At FanDuel, we give fans a new and innovative way to interact with their favorite games, sports and teams. We’re dedicated to building a winning team and we pride ourselves on being able to make every moment mean more, especially when it comes to your career. So, what does “winning” look like at FanDuel? It’s recognition for your hard-earned results, a culture that brings out your best work—and a roster full of talented coworkers. Make no mistake, we are here to win, but we believe in winning right. That means we’ll never compromise when it comes to looking out for our teammates. From creatives professionals to cutting edge technology innovators, FanDuel offers a wide range of career opportunities, best in class benefits, and the tools to explore and grow into your best selves. At FanDuel, our principle of “We Are One Team” runs through all our offices across the globe, and you can expect to be a part of an exciting company with many opportunities to grow and be successful.


THE POSITION
Our roster has an opening with your name on it

FanDuel is seeking a dynamic and experienced Staff SOX IT Controls Analyst to add to its first line of defense (1LOD) Technology & Cyber Governance, Risk & Controls (GRC) team. This role will serve as the central point of contact for addressing all ITGC inquiries, managing escalations related to SOX IT control issues, and partnering with internal and external stakeholders to ensure compliance with regulatory requirements and will work closely with Enterprise Risk and Flutter Internal Controls for alignment with 2LOD Divisional and 2LOD Group SOX strategies. This role will report to the Technology Regulatory and Controls Senior Manager and will play a pivotal role in defining robust controls and processes to adhere to the company’s compliance obligations with SEC and SOX regulations. The ideal candidate will bring extensive experience in IT SOX audits, controls testing, and risk management, while fostering collaboration across departments.


THE GAME PLAN
Everyone on our team has a part to play

  • Liaise with the SOX Testing team and key stakeholders to ensure FanDuel’s overall compliance with SOX Section 404 requirements, including but not limited to:
    • Act as the primary liaison between Technology, Cybersecurity, Finance, Enterprise Risk, and SOX testing / audit teams for all matters related to SOX IT General Controls (ITGC).
    • Respond to inquiries and escalations related to SOX ITGCs from internal and external auditors, ensuring timely resolution and clear communication
    • Work in lockstep with SOX Accounting and SOX Risk Program Management to ensure scope alignment and audit support
    • Drive efforts to improve SOX IT scoping strategies, develop a comprehensive understanding of applicable IT and business processes, and support the maintenance of integrated IT and business process, risk and control framework documentation
    • Consult on the control design and implementation of required and repeatable ITGCs with process owners to meet regulatory requirements, including for new products, processes and system implementation launches ensuring appropriate internal controls are in place prior to launch
    • Create and improve SOX ready documentation (e.g., narratives, flow charts, IT process & control descriptions)
    • Coordinate dynamic ITGC testing schedules defined by Flutter Internal Controls and/or external audit with stakeholders that fit business capacities while still meeting regulatory deadlines
    • Evaluate and track reported control deficiencies, root causes, and planned corrective actions in conjunction with IT and business process owners to ensure timely and accurate resolution
    • Prepare and present regular reports to senior leadership, Enterprise Risk, Flutter Internal Controls, and other stakeholders on the status of SOX IT compliance, control issues, and remediation progress
  • Strive to continuously improve the SOX program to be more efficient and effective through optimization and automation:
    • Support the stand up of a continuous controls monitoring tool by ensuring SOX ITGC requirements are defined and in place to enable SOX readiness including automated ITGC evidence gathering and testing efforts
    • Support the integration of IT SOX controls with broader compliance initiatives, including PCI-DSS, SOC2, and other regulatory requirements as needed
  • Serve as a subject matter expert on SOX ITGCs and provide guidance on ITGC-related matters thru cross-functional discussions and workshops to foster a proactive risk management culture and alignment with SOX requirements and company objectives
  • Develop and deliver tailored training and communications as needed on relevant IT general control practices for the technology & cyber community
  • Stay abreast of evolving technology & cyber threats, news, and trends to enhance risk and control management strategies
  • Assist with special risk assessment and department initiatives, as assigned
  • Maintain procedures, playbooks, virtual webpages, and metrics dashboards surrounding SOX ITGC effectiveness
  • Mentor and guide junior team members, sharing expertise and promoting continuous professional development


THE STATS
What we're looking for in our next teammate

  • Bachelor’s degree preferred in a technical field (e.g., Cybersecurity, Information Technology) or equivalent combination of education, training, and relevant experience
  • 8+ years of relevant work experience in public accounting, internal auditing, and/or in SOX industry experience. Technology or Software industry experience preferred.
  • Hands-on experience executing and managing cybersecurity assessments in a heavily regulated industry, including writing, documenting, and assessing risks/controls and drafting business process summaries for executives
  • Strong IT & security risk domain knowledge of technology and cybersecurity best practices, principles, tools, and industry control frameworks (e.g., SOX, GLI, NIST CSF, ISO, SOC2, PCI, CIS Critical Controls, COBIT, ITIL, CMMI)
  • Experience with designing testing approaches for ITGCs, ITACs, Interfaces and related supporting controls.
  • Understand the ITGC relationship with financial reporting to properly scope a SOX environment.
  • “Stay Hungry, Stay Humble” mindset that strives to continuously learn and share new skills with others, and embraces a steep learning curve to understand our business and technology drivers to get the job done
  • “Anything Is Possible” attitude that is highly organized and results-driven to solve our most important challenges
  • Comfortable navigating shifting priorities in a fast-paced environment, with the ability to work independently with minimal supervision while also as an exceptional team player that excels at cultivating relationships and promoting collaboration and cohesiveness to fulfill our “We Are One Team” principle
  • Ability to translate risk/control standards into functional business requirements
  • Strong written and verbal communication skills to articulate risk/control insights to both technical and non-technical stakeholders
  • Proficient working with Microsoft Office, GRC and project management tools (e.g., JIRA, AuditBoard, Anecdotes)
  • Relevant professional certifications such as CISA, CISSP, CPA, CISM, or CRISC are preferred


PLAYER BENEFITS
We treat our team right

From our many opportunities for professional development to our generous insurance and paid leave policies, we’re committed to making sure our employees get as much out of FanDuel as we ask them to give. Competitive compensation is just the beginning. As part of our team, you can expect:

  • An exciting and fun environment committed to driving real growth
  • Opportunities to build really cool products that fans love
  • Career and professional development resources to help you refine your game plan for owning and driving your career and development
  • Be well, save well and live well - with FanDuel Total Rewards your benefits are one highlight reel after another

FanDuel is an equal opportunities employer and we believe, as one of our principal states, “We Are One Team!”  We are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, creed, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, Veteran status, or another other characteristic protected by state, local or federal law. We believe FanDuel is strongest and best able to compete if all employees feel valued, respected, and included.  We want our team to include diverse individuals because diversity of thought, diversity of perspectives, and diversity of experiences leads to better performance.  Having a diverse and inclusive workforce is a core value that we believe makes FanDuel stronger and more competitive as One Team!

The applicable salary range for this position is $150,000- $187,000, which is dependent on a variety of factors including relevant experience, location, business needs and market demand. This role may offer the following benefits: medical, vision, and dental insurance; life insurance; disability insurance; a 401(k) matching program; among other employee benefits. This role may also be eligible for short-term or long-term incentive compensation, including, but not limited to, cash bonuses and stock program participation. This role includes paid personal time off and 14 paid company holidays. FanDuel offers paid sick time in accordance with all applicable state and federal laws.

 

#LI-Hybrid