×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity IT Consultant

Product Security Architect

Job in Leeds, West Yorkshire, England, UK
Listing for: Flutter Entertainment
Full Time position
Listed on 2025-12-01
Job specializations:
  • IT/Tech
    Cybersecurity, IT Consultant
Job Description & How to Apply Below

Location – Leeds/Dublin

Hybrid – 2 days per week

At Flutter, Product Security encompasses not just application code, but also infrastructure as code, APIs, CI/CD pipelines, containers and third‑party dependencies.

The Senior Product Security Architect is responsible for defining, evolving, and championing a group‑wide Product Security strategy across all regions and brands. Operating in a federated environment, this role provides strategic guidance, technical direction, and hands‑on expertise to help security and engineering teams across the enterprise embed security into the product development life cycles.

This role is the key advisor on App Sec standards, secure development practices, threat modelling, and security tooling (e.g. SAST, DAST, SCA, IaC scanning, container security, etc.), ensuring consistency and maturity in how applications are built and maintained. By aligning teams with modern Dev Sec Ops  principles, developer enablement, and security automation, the role plays a critical part in improving the overall security posture of Flutter’s software estate.

Overall, the Senior Product Security Architect is expected to be a seasoned application security professional who combines technical expertise with strategic vision and leadership. This person has demonstrated success in building or maturing a similar programme and possesses the communication skills to unite both technical teams and business leaders around a common product security vision. They will drive Flutter’s brands towards an advanced security posture – one that not only protects critical assets and meets compliance obligations but also enables business objectives across Flutter’s diverse and dynamic environment.

About

Division/Function

Flutter consists of two commercial divisions (Fan Duel and International) and our central Flutter Functions; COO, Finance & Legal. In Flutter Functions we work with colleagues across all our divisions and regions to deliver something we call the Flutter Edge. It’s what differentiates us, our ‘secret sauce’ which plays a key part in our ongoing success and powers our brands and divisions, through Product, Tech, Expertise and Scale.

In Flutter COO we work with experts across Flutter to build, deploy and communicate the Flutter Edge. Together we cover Product & Payments, Technology, Sports book Product & Trading, People, Property, Corporate Communications and Strategic Partnerships & Transformation.

What You’ll Do
  • Strategic Leadership &

    Roadmap:

    Define and lead the enterprise‑wide Application Security and SSDLC strategy, including short, mid, and long‑term goals aligned with the group’s security posture and digital transformation initiatives. Develop and maintain App Sec maturity models (e.g. based on OWASP SAMM, NIST SSDF, BSIMM) and work with business units to assess current state and define realistic improvement plans. Drive the development of a global secure development policy, including approved tools, practices, and coding standards.
  • Technology & Tooling Strategy:
    Evaluate, recommend, and support the rollout of App Sec tools such as SAST, DAST, SCA, container and IaC scanners, runtime protections, and CI/CD pipeline integrations. Collaborate with platform and Dev Ops teams to ensure tool integration and automation into developer workflows across brands. Provide architecture guidance on secure design patterns and security tool architecture in cloud‑native and hybrid environments.
  • Global

    Collaboration:

    Work closely with the Associate Director of Group Enterprise Security and other domain leads to align strategies and ensure cross‑cutting coverage. Define and monitor key App Sec KPIs and metrics (e.g. vulnerability MTTR, scan coverage, risk acceptance trends) and report findings to leadership and the Global Cyber Council. Coordinate secure architecture reviews for critical application initiatives and provide consultative threat‑modelling support to large cross‑brand projects.
  • Continuous Improvement & Innovation:
    Keep abreast of emerging application security technologies, industry best practices, and threat trends. Evaluate new tools or features and where beneficial incorporate them into the strategy.…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search