Principal Security Engineer

• Partner with game studios to develop comprehensive security strategies for game design and development.
• Conduct threat modeling, vulnerability assessments, and security audits across all phases of game development.
• Design and implement security controls and countermeasures to mitigate risks and ensure compliance with company policies, standards, and industry norms.
• Collaborate with game teams to advocate for secure coding practices and integrate security at every level of the software development lifecycle.
• Develop and maintain comprehensive documentation on security architectures, processes, and decisions for technical and non-technical partners.
• Stay updated with the latest security technologies, trends, and threats, continuously improving our security frameworks and practices.
• Work closely with information security domain owners to ensure games adhere to all relevant security policies, standards, and regulatory requirements.
• Provide expert-level technical guidance to game teams to assist in securing games and backend infrastructure.
• Coordinate and participate in penetration tests and game feature security assessments.
• Frequently interact with game studio leaders to understand their roadmaps, risk postures, and how information security can enable them to implement their vision and meet business obligations securely.
• Develop security-related roadmaps in partnership with game teams.
• Regularly report to Information Security and Studio management to keep them informed of the threat landscape of the game.
• Act as a leader with vision and use an understanding of both qualitative and quantitative-based risk assessment frameworks to analyze and identify risks across the business.
• Lead and/or assist security incidents and investigation

What we're looking for

• 8+ years of experience in product security, software development, or cybersecurity.
• Ability to effectively communicate business risk and technical information clearly to both technical and non-technical audiences.
• Consistent track record in securing large-scale software applications and systems.
• Experience with penetration testing tools such as Metasploit, Nessus, Burp Suite and familiar with Bamboo, Spinaker, Redis and Rest API tool.
• Expertise in modern programming languages such as Python and C#
• Strong, hands-on experience with cloud computing environments including mastery of AWS shared responsibility model, IAM, and network security in the cloud
• Solid understanding of security and management of cloud workloads including access control, secure configuration, deployment strategy, and auditing
• Deep knowledge of Linux security practices 
• Prior experience architecting for and managing high-scale, high-velocity workloads in AWS preferred
• Demonstrated ability to think like a hacker and a defender in anticipating and mitigating potential security threats.
• Familiarity with security frameworks (e.g., OWASP, NIST Cybersecurity Framework) and compliance regulations (e.g., GDPR, CCPA, ISO 27001).
• Excellent analytical, problem-solving, and decision-making skills, as well as the ability to work under pressure and in complex environments.
• Outstanding communication and leadership skills, capable of leading projects and influencing others to achieve security objectives.
• Information security certifications (i.e. CISSP, CEH, OSCP)

Bonus Points 

• Previous experience at a game company preferred
• Bachelor's degree or equivalent work experience preferred - Computer Science, Information Security, or Information Systems is preferred