We are looking for an Information Security Engineer to help secure the data, assets, and systems that enable us to make world-class games and ensure they remain available for our players. Do you enjoy tackling unique challenges and creating solutions to empower your team's workflow while reducing risk? Are you looking for an opportunity to leave your mark on the world around you? If so, we may be looking for you!
Our Information Security Engineering team supports organizations across our family of studios to provide architectural feedback, analyze systems and policies, maintain and deploy new information security systems, provide user education, and respond to security incidents in studio and production environments. Join our family of studios and build solutions and systems to protect the availability and integrity of our teams, our assets, and our customers.
Who you are:
- You are a security professional who is comfortable working in dynamic, technology-heavy environments.
- You are an effective communicator with experience working across teams and departments.
- You are a team player who enjoys collaborating to solve problems.
- You are someone with strong time management and prioritization skills.
- You are an automation and systems advocate that's always on the lookout for ways to eliminate manual processes.
- You are comfortable working with light supervision and in situations with ambiguous requirements.
- You are a gamer or someone familiar with video gaming and the games industry.
- You enjoy engaging with teams to identify their needs and provide them with insight.
- You are curious and delighted by discoveries and trends in the security space.
What You Will Do:
- Selection, implementation, and refinement of existing and new information security systems; to include vulnerability management solutions, security event management, endpoint security and antivirus, network security monitoring and content filtering, and forensics capabilities within the infrastructure; developing and utilizing automation where possible
- Review and monitor existing network, systems, and tools for compliance with company security standards
- Evaluate new technologies and processes that enhance security capabilities
- Confer with users to discuss issues such as access needs, evaluating new tools, and investigating security violations
- Train users and promote security awareness to ensure system security and to improve server and network efficiency
- In-depth understanding of information technology and information security practices, including the areas of application security, policy development, security-related research, physical security, systems integrity, and disaster recovery
- Ability to rapidly learn new technologies and business functions. Good analytical skills and the ability to multi-task
- Experience selecting, maintaining, configuring, and operating vulnerability management, security event management, endpoint security and antivirus, firewall, network security monitoring, and content filtering solutions
- Experience implementing security applications, including installation, configuration, and automation of processes
- Experience with networking technologies, such as firewalls, routers, load balancers, and proxies
- Knowledge of network-based protocols such as TCP/IP, HTTP, HTTPS, DNS
- Knowledge of datacenter and cloud live production best practices and experience working in live high availability customer-facing production environments
- Experience with securing Microsoft Windows environments, Active Directory controls, and permissions, and group policies
- Experience configuring, hardening, and maintaining Linux and Windows server operating systems
- Ability to express thoughts clearly, and promote a culture of trust, and respect, while contributing to a collaborative team environment
- Ability to be flexible with changing needs and priorities and the ability to proactively detect and resolve problems or issues with systems, tools, and processes
- Experience with the security features and tools of Microsoft 365
- Experience with Threat Modeling, security assessments, and evaluating mitigating controls
- Experience with network-based detective controls like IDS, IPS, and various SIEMS
- Experience with performing vulnerability scans and assessments
- Game Studio or Gaming Platform experience a plus
- Experience performing computer system forensics
- Understanding of Risk Management
- One or more of the following certifications a plus: OSCP, OSCE, GPEN, GWAPT, CWAPT or CISSP