Tatts hunts for IT security boss

The new IT leaders at gaming giant Tatts Group are aiming to elevate the internal status of information security by appointing a new dedicated head of infosec.

Janet Sutherland

Tatts welcomed a new chief information officer and chief technology officer earlier this year, filling the IT leadership ranks with former Wotif colleagues Mandy Ross and Janet Sutherland.

The pair are now looking for a "principal security officer" to join them - what Sutherland calls the equivalent of a chief information security officer but without the "hierarchical" title.

"It is the equivalent of that sort of level of engagement with security," she said.

"We figured we’ve got a CIO and CTO, let’s go with ‘principal’ to demonstrate this person is responsible for and will drive security as we move into a more digital future."

The new principal security officer will report into Sutherland, who as CTO has picked up more of a strategic focus than the previous CTO while retaining oversight of operations.

Ross and Sutherland have been busy restructuring the IT department since their appointments to faciliate better collaboration both within the IT shop and with the wider business.

As a result, information security has now been given its own direct line of reporting to the CTO.

The function was previously led by the head of security and compliance, a position held by Peter Detheridge, which reported into the CIO.

But after Detheridge decided 38 years was enough time in the industry earlier this month, Sutherland and Ross took his retirement as an opportunity to work out where the best home for infosec was.

The CTO office has been restructured into five new departments: security, operations, strategy, data centres and delivery.

"This is the start of establishing a more permanent team in light of the retirement of our previous person," Sutherland said.

"So we will be expanding and looking for some more staff, specifically a risk analyst and policy advisor."

Tatts' operational footprint extends across 10,000 outlets and venues across Australia and the UK. It also has one of the largest retail networks in Australia, with around 4000 shopfronts.

It took 250 million bets last year, and its gaming division monitors over 200,000 pieces of equipment.

"The numbers are massive," Sutherland said.

"That’s what makes security so important for us. Plus it’s a highly regulated environment.

"It’s a challenging environment, but it’s absolutely a great place to work. Our goal is to become the employer of choice in the IT industry and a trusted partner for our business units."

Sutherland is looking for someone with specific experience in the gaming industry or in one with similar levels of regulation.

The new hire will be given the immediate task of leading a review of the group-wide information security strategy.

Risk-averse candidates need not apply.

"A lot of security people tend to try and block business from doing anything. We have a very mature approach here and digital is becoming a much bigger part of our future," Sutherland said.

"We’re looking for somebody who has a consistent approach to security, awareness of a regulated environment such as ours, but who can be seen as an enabler for our team to adopt new and emerging technologies ... and invest into how we can leverage those securely in the future."