security engineer
генерация резюме под вакансию
сопроводительное письмо
описание
MY.GAMES is a leading European developer and publisher of games for PC, console, and mobile platforms. The company manages a portfolio of titles including War Robots, Hustle Castle, and Rush Royale, serving a global community of over one billion registered players.
задачи
- Shape and evolve the risk-based security strategy and roadmap;
- Own the risk register and drive risk-based prioritization;
- Develop and maintain security policies, standards, and procedures;
- Own and grow vulnerability management, including detection, prioritization, remediation tracking, and infrastructure scanning;
- Build out security monitoring, detection, and event logging;
- Lead incident response, including investigation, containment, post-mortems, and corrective actions;
- Secure on-prem infrastructure and cloud resources through hardening, network security, and endpoint protection;
- Manage access and account governance, including privileged access control;
- Embed secure development practices into SDLC and CI/CD;
- Run threat modeling and advise teams on secure architecture;
- Protect source code and intellectual property from leaks;
- Drive product security, including player account protection, anti-fraud, and DDoS resilience;
- Ensure compliance with privacy requirements and operate within frameworks like ISO 27001, NIST CSF, and CIS;
- Assess risk from vendors, SaaS providers, and external teams;
- Run internal security trainings and phishing simulations;
- Lead security's side of AI adoption and manage associated risks;
- Manage security tooling, budget, and vendor relationships;
- Coordinate external pentests and the bug bounty program;
- Report on security posture and metrics to leadership.
требования
- 5+ Years of hands-on infosec experience;
- Strong command of Linux, networking, and infrastructure;
- Proficiency in scripting and automation using Python, Bash, or similar;
- Solid grasp of attack patterns and ability to analyze logs, traffic, and configs;
- Practical experience in vulnerability management, incident response, and monitoring;
- Experience with SIEM, vulnerability scanners, and endpoint protection;
- Working knowledge of recognized security frameworks and privacy requirements;
- Ability to work autonomously, prioritize tasks, and manage risks independently.
условия
- Remote work from anywhere in the world;
- Collaborative atmosphere within an internal game dev community;
- Access to unique expertise and professional knowledge;
- Resources for experimentation and implementation of new ideas.
навыки
Если просят войти через iCloud, отправить коды из SMS, запустить код, что-то установить, перевести деньги или сделать что угодно, связанное с деньгами, не соглашайтесь: это признаки мошенничества.