ESL FACEIT Group is hiring a
Senior Security Engineer

Summary

Join EFG's Technology team as a Senior Security Engineer and contribute to advancing the company's information security by developing and implementing security tools, platforms, procedures, and best practices.

Requirements

• Strong Security background in Engineering and/or Cloud focused position
• Capable of designing Security policies, procedures and best practices as well as rolling them out successfully across teams and technology
• Experience with Amazon Web Services and/or the Google Cloud Platform, with an ability to provide secure Cloud Architectures in a fast-paced technical environment
• Experience with IaC tools (e.g. Terraform)
• Experience with containerisation and orchestration technologies (e.g. Docker, Kubernetes)
• Experience with scripting languages (e.g. Python, Bash)
• Experience with a modern programming language (e.g. Go, Typescript)
• Good knowledge of Security tooling, frameworks and approaches (e.g. SIEM, SOAR, IPS/IDS, NIST, Vulnerability Management)
• Capable of implementing SecOps/DevSecOps practices from scratch, implementing, maintaining, and scaling them out across teams and the company
• Familiarity with Security compliance frameworks (e.g. NIST, ISO 27001, PCI DSS, GDPR)

Responsibilities

• Leverage a broad and current understanding of Security to define, create and rollout new protections for our Digital Platform
• Collaborate with cross-functional teams to improve overall security posture and awareness as well as articulating the business value of Security investments
• Implement and manage security controls and best practices in both the Amazon Web Services and Google Cloud Platform environment
• Develop and enforce security measures for cloud infrastructure, ensuring robust protection against threats
• Champion DevSecOps practices by integrating robust security measures into CI/CD pipelines and infrastructure as code, while addressing security considerations within Domain-Driven Design frameworks to ensure end-to-end security and compliance throughout the software development lifecycle
• Improve application security practices across the development lifecycle
• Interact with the external Security community and Security researchers to keep our platform secure
• Conduct penetration testing on EFG’s Digital Platform and infrastructure to identify vulnerabilities and improve our security defenses
• Conduct threat impact analysis and research to stay ahead of emerging threats
• Manage response to ongoing threats, operating autonomously or engaging the relevant stakeholder(s) to keep the systems as secure as possible
• Assist with Audit and Compliance assessments as and when required