Yggdrasil Gaming logo

Information Security and Data Protection Specialist

Yggdrasil Gaming
Full-time
Remote friendly (St. Julian's, Malta)
Malta
Legal & Compliance

Yggdrasil is a leading provider of online gaming solutions, known for its innovation and creativity. Since our start in 2013, we've grown rapidly and earned a strong reputation in the iGaming industry. We’re driven by a passion for quality, cutting-edge technology, and a culture that values bold ideas and teamwork. Join us and be part of a company that’s shaping the future of gaming!

Job Description

In this role, you will own the strategy, roadmap and day‑to‑day execution of our information security and privacy programme. Your mission: cut risk, meet regulatory demands, and keep our customers’ data safe.

Key Responsibilities

  • Run daily security operations –Update and apply policies and standards that prevent loss, fraud and breaches.
  • Build and update the security roadmap – set priorities, budget and timelines; track delivery.
  • Assess and improve – perform ongoing process and system reviews; close gaps fast.
  • Lead audits and risk assessments – scope, run, report and follow up. Manage the ISO 27001, Pentests, Vscans, and ISMS audits end to end.
  • Introduce next‑gen security tech – evaluate, select and coordinate implementations.
  • Advise and oversee – coach management and teams on security and privacy best practice.
  • Governance and compliance – steer the organisation toward full alignment with ISO 27001, GDPR and other relevant laws.
  • Maintain Records of Processing Activities (RoPA) – gather updates from every business unit and system owner.
  • Incident response – act as privacy lead, ensure swift containment, notification and lessons learned.
  • Own the GDPR programme – set annual objectives, maintain the policy framework, report progress to senior leadership.
  • Primary privacy contact – handle enquiries from regulators, partners and data subjects.
  • Training and awareness – design and deliver engaging sessions for onboarding, role‑specific deep dives and annual refreshers.

What You’ll Bring

  • Proven experience managing information security and data protection in a regulated environment.
  • Deep knowledge of ISO 27001, GDPR and related frameworks.
  • Hands‑on skill with security tech
  • Strong risk assessment and audit background.
  • Clear communication – you translate security jargon into business language.
  • Ability to influence at every level
  • Relevant certifications (e.g., CISSP, CISM, CIPP/E) are a plus.

Success Looks Like

  • Zero material security or privacy breaches.
  • Clean audit findings and timely closure of actions.
  • Measurable reduction in risk scores year on year.
  • High staff engagement in security training.
  • Regulators recognise our programme as best‑in‑class.

 

Additional Information

Perks & Benefits:

  • Gym Membership: Embrace a healthy lifestyle with our fully sponsored gym membership — because health is wealth!
  • Wolt Vouchers: Enjoy delicious meals delivered to your doorstep with monthly Wolt vouchers.
  • Hybrid Working: Experience the best of both worlds with our flexible hybrid working model.
  • Leadership Development: Be one of the 25% of employees selected annually for our exclusive Leadership Development Program, offering targeted training and mentorship to boost your career.
  • Private Healthcare: Access top-tier private healthcare services for you & your family.
  • Self care day 
  • Media streaming allowance

Equal Opportunity:

We are an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Join us to bring your creativity and leadership to a dynamic and innovative team!

Encouragement to Apply:

We understand that confidence gaps and imposter syndrome can deter amazing candidates from applying. Please apply anyway — we’d love to hear from you.

Want to know more about life at Yggdrasil? Check out our Instagram page Life at Yggdrasil (@lifeatyggdrasil) • Instagram photos and videos