Principal Security Engineer Scopely is looking for a Principal Security Engineer to join our Information Security team in Barcelona on a hybrid basis.
At Scopely, we care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues, or through our deep connections with our communities of players. We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily.
Our security team is dedicated to ensuring the security of our top games. This involves collaborating closely with game studios to develop and implement comprehensive security strategies throughout the game design and development lifecycle.
What You Will Do Partner with game studios to develop comprehensive security strategies for game design and development.
Conduct threat modeling, vulnerability assessments, and security audits across all phases of game development.
Design and implement security controls and countermeasures to mitigate risks and ensure compliance with company policies, standards, and industry norms.
Collaborate with game teams to advocate for secure coding practices and integrate security at every level of the software development lifecycle.
Develop and maintain comprehensive documentation on security architectures, processes, and decisions for technical and non-technical stakeholders.
Stay updated with the latest security technologies, trends, and threats, continuously improving our security frameworks and practices.
Work closely with information security domain owners to ensure games adhere to all relevant security policies, standards, and regulatory requirements.
Provide expert-level technical guidance to game teams to assist in securing games and backend infrastructure.
Coordinate and participate in penetration tests and game feature security assessments.
Frequently interact with game studio leaders to understand their roadmaps, risk postures, and how information security can enable them to execute their vision and meet business obligations securely.
Develop security-related roadmaps in partnership with game teams.
Regularly report to Information Security and Studio management to keep them informed of the threat landscape of the game.
Act as a thought leader and utilize an understanding of both qualitative and quantitative-based risk assessment frameworks to analyze and identify risks across the business.
Lead and/or assist security incidents and investigations.
What We're Looking For 8+ years of experience in product security, software development, or cybersecurity.
Ability to effectively communicate business risk and technical information clearly to both technical and non-technical audiences.
Proven track record in securing large-scale software applications and systems.
Experience with penetration testing tools such as Metasploit, Nessus, Burp Suite and familiar with Bamboo, Spinaker, Redis and Rest API tool.
Expertise in modern programming languages such as Python and C#.
Strong, hands-on experience with cloud computing environments including mastery of AWS shared responsibility model, IAM, and network security in the cloud.
Strong understanding of security and management of cloud workloads including access control, secure configuration, deployment strategy, and auditing.
Deep knowledge of Linux security practices.
Prior experience architecting for and managing high-scale, high-velocity workloads in AWS preferred.
Demonstrated ability to think like a hacker and a defender in anticipating and mitigating potential security threats.
Familiarity with security frameworks (e.g., OWASP, NIST Cybersecurity Framework) and compliance regulations (e.g., GDPR, CCPA, ISO 27001).
Excellent analytical, problem-solving, and decision-making skills, as well as the ability to work under pressure and in complex environments.
Exceptional communication and leadership skills, capable of leading projects and influencing others to achieve security objectives.
Information security certifications (i.e. CISSP, CEH, OSCP).
Bonus Points Previous experience at a game company preferred.
Bachelor's degree or equivalent work experience preferred - Computer Science, Information Security, or Information Systems is preferred.
At Scopely, we create games for everyone - and want to ensure that the people behind our games reflect that! We are committed to creating a diverse, supportive work environment where everyone is treated with respect. We are committed to providing equal employment opportunities and welcome individuals from all backgrounds to join us & embrace the adventure!
About Us Scopely is a global interactive entertainment and mobile-first video game company, home to many top, award-winning experiences such as "MONOPOLY GO!", "Star Trek Fleet Command," "Stumble Guys," "MARVEL Strike Force," and "Yahtzee With Buddies," among others.
Scopely creates, publishes, and live-operates immersive games that empower a directed-by-consumer experience across multiple platforms--from mobile, web, PC and beyond.
Founded in 2011, Scopely is fueled by a world-class team and a proprietary technology platform Playgami that supports one of the most diversified portfolios in the games industry.
Recognized multiple times as one of Fast Company's "World's Most Innovative Companies," Scopely is a multi-billion-dollar business due to its ability to create long-lasting game experiences that players enjoy for years.
Scopely has global operations in more than a dozen markets across Asia, EMEA, and North America, and is home to many internal game development teams, referred to as Scopely Studios, with additional game studio partners across four continents.
Scopely was acquired by Savvy Games Group in July 2023 for $4.9 billion, and is now an independent subsidiary of Savvy.
For more information on Scopely, visit: scopely.com.
#J-18808-Ljbffr