Principal Security Engineer
Scopely is looking for a Principal Security Engineer to join our Information Security team in Barcelona on a hybrid basis.
At Scopely, we care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues, or through our deep connections with our communities of players.
We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily.
Our security team is dedicated to ensuring the security of our top games.
This involves: Partner with game studios to develop comprehensive security strategies for game design and development.Conduct threat modeling, vulnerability assessments, and security audits across all phases of game development.Design and implement security controls and countermeasures to mitigate risks and ensure compliance with company policies, standards, and industry norms.Collaborate with game teams to advocate for secure coding practices and integrate security at every level of the software development lifecycle.Develop and maintain comprehensive documentation on security architectures, processes, and decisions for technical and non-technical stakeholders.Stay updated with the latest security technologies, trends, and threats, continuously improving our security frameworks and practices.Work closely with information security domain owners to ensure games adhere to all relevant security policies, standards, and regulatory requirements.Provide expert-level technical guidance to game teams to assist in securing games and backend infrastructure.Coordinate and participate in penetration tests and game feature security assessments.Frequently interact with game studio leaders to understand their roadmaps, risk postures, and how information security can enable them to execute their vision and meet business obligations securely.Develop security-related roadmaps in partnership with game teams.Regularly report to Information Security and Studio management to keep them informed of the threat landscape of the game.Act as a thought leader and utilize an understanding of both qualitative and quantitative-based risk assessment frameworks to analyze and identify risks across the business.Lead and/or assist security incidents and investigations. What We're Looking For: 8+ years of experience in product security, software development, or cybersecurity.Ability to effectively communicate business risk and technical information clearly to both technical and non-technical audiences.Proven track record in securing large-scale software applications and systems.Experience with penetration testing tools such as Metasploit, Nessus, Burp Suite and familiarity with Bamboo, Spinnaker, Redis, and Rest API tools.
#J-18808-Ljbffr