FanDuel

GRC Engineer

Hybrid

New York, United States

$145,000/year

Full Time

23-09-2025


Skills

Communication, Python, JavaScript, PowerShell, SQL, Risk Management, Monitoring, AWS, Terraform

Job Specifications

THE POSITION

Our roster has an opening with your name on it

FanDuel is seeking a GRC Engineer to bring technical excellence to our Governance, Risk, and Compliance initiatives. You'll focus on engineering solutions, automation, and integrations that support programs in Third-Party Risk Management (TPRM), Identity Governance & Administration (IGA), Technology Risk, and Business Continuity/Disaster Recovery (BCDR).

To be successful in this role, you'll need to be curious, adaptable, and eager to solve complex challenges with code. You should thrive on working across technical domains, collaborating with peers, and finding innovative ways to embed GRC practices into real-world systems. Success means delivering reliable, scalable solutions that strengthen assurance and enable the business to move fast while staying secure.

In addition to the specific responsibilities outlined above, employees may be required to perform other such duties as assigned by the Company. This ensures operational flexibility and allows the Company to meet evolving business needs.

THE GAME PLAN

Everyone on our team has a part to play

Engineer automation and integrations that streamline GRC processes and reduce manual effort.
Implement solutions across TPRM, IGA, and BCDR, supporting vendor risk assessments, access recertifications, and resilience testing.
Build and maintain APIs and integrations between GRC platforms, IAM systems, and enterprise tools.
Automate control testing and monitoring to improve consistency, assurance, and speed of response.
Collaborate with engineers across technical domains to embed GRC requirements into infrastructure, applications, and cloud services.
Contribute to documentation and knowledge sharing for GRC tooling, integrations, and automated workflows.
Build and maintain automation using platforms like Tines and perform API integrations for evidence collection, assurance reporting, and user populations.
Support and advise engineering teams on "policy as code" approaches (e.g., using Rego/OPA or similar frameworks) to embed controls directly into engineering workflows, ensuring compliance and risk requirements are enforced at scale.
Stay current on evolving regulations and technologies, applying them to engineer sustainable solutions.
Support other critical GRC initiatives as assigned or needed, ensuring flexibility and responsiveness to business priorities.

THE STATS

What we're looking for in our next teammate

5-7+ years of experience in Security Engineering or a Technical GRC function (candidates with strong technical ability and fewer years will be considered).
Strong coding/scripting skills (Python, JavaScript, PowerShell, SQL) and ability to integrate systems using APIs.
Experience building automation or integrations in enterprise environments.
Familiarity with GRC domains such as TPRM, IGA, and BCDR and associated toolsets, e.g., OneTrust, Zilla, Riskonnect, Anecdotes, or similar.
Knowledge of regulatory frameworks and control domains (SOX, SOC 2, PCI, GDPR, NIST CSF, ISO 27001).
Familiarity with AWS infrastructure and integration patterns.
Experience with automation and orchestration tools (e.g., Tines) and API integrations for evidence collection and monitoring is strongly preferred.
Experience with policy as code frameworks (e.g., Rego/OPA, CloudFormation Guard, Terraform Sentinel) a plus.
Strong collaboration and communication skills - able to work across functions and explain technical concepts clearly.
Innovative and adaptable mindset - comfortable learning quickly, adjusting to evolving regulations and technologies, and seeking out innovative approaches.
Pragmatic approach - focused on balancing compliance rigor with engineering realities in a fast-moving environment.
Preferred Certifications: CISA, CISSP, or CISM.

About FanDuel

FanDuel Group is the premier mobile gaming company in the United States and Canada. FanDuel Group consists of a portfolio of leading brands across mobile wagering including: America's #1 Sportsbook, FanDuel Sportsbook; its leading iGaming platform, FanDuel Casino; the industry's unquestioned leader in horse racing and advance-deposit wagering, FanDuel Racing; and its daily fantasy sports product.

In addition, FanDuel Group operates FanDuel TV, its broadly distributed linear cable television network and FanDuel TV+, its leading direct-to-consumer OTT platform. FanDuel Group has a presence across all 50 states, Canada, and Puerto Rico.

The company is based in New York with US offices in Los Angeles, Atlanta, and Jersey City, as well as global offices in Canada and Scotland. The company's affiliates have offices worldwide, including in Ireland, Portugal, Romania, and Australia.

FanDuel Group is a subsidiary of Flutter Entertainment, the world's largest sports betting and gaming operator with a portfolio of globally recognized brands and traded on the New York Stock Exchange (NYSE: FLUT).

Player Benefits

We treat our team right

We offer amazing benefits a

About the Company

FanDuel Group is an innovative sports-tech entertainment company that is changing the way consumers engage with their favorite sports, teams, and leagues. The premier gaming destination in North America, FanDuel Group consists of a portfolio of leading brands across gaming, sports betting, daily fantasy sports, advance-deposit wagering, and TV/media, including FanDuel, Stardust Casino and TVG. The company is based in New York with US offices in Los Angeles, Atlanta, and Jersey City, as well as global offices in Canada ...