Senior Information Security Engineer
INDIA-Bangalore-ITPB
Light & Wonder
Corporate:
Light & Wonder’s corporate team is comprised of incredible talent that works across the enterprise, defying boundaries to provide essential services in an extraordinary manner to ensure the success of the organization and the well-being of employees.
Position Summary
The Senior Information Security Engineer will report to the Head of Information Security for Gaming with the following main responsibilities:
- Drive the security architecture of our systems and products within Land-Based gaming and services to define and implement secure-by-default and defense-in-depth strategies
- Partner with the developer teams developing our services, and contribute security expertise to the architecture and design of our products and systems
- Conduct comprehensive code reviews to identify and rectify security vulnerabilities and coding flaws
- Apply your knowledge to conduct or guide vulnerability and penetration testing of these systems to uncover security issues both manually and using developing automation tools as needed to support your work
- Research new techniques, vulnerabilities, and attack vectors in these components to proactively drive security improvement across each functional area
- Play a leadership role in Gaming Information Security and Gaming development community setting direction for security for key technologies and serving as a subject matter expert resource for security engineers and business leaders inside and outside of your organization
Qualifications and Skills
- Vulnerability scanners and Penetration Testing tools required
- Anti-exploitation and host hardening
- Database protection tools
- Knowledge in Python, Powershell, Regular expression and other languages
- Knowledge in C++, C#, Visual Studios, and Unity
- ArgOS experience greatly desired
- DevSecOps experience greatly desired
- Working experience and knowledge of Windows and Unix/Linux Operating Systems
- Understanding of ISO27001, NIST CSF, and other common Risk Management Framework terminology, processes, characterization models, etc.
- Understanding of OWASP Top 10
- Good technical writing, documentation, and communication skills
- Strong technical understanding and aptitude for analytical problem-solving
- Strong interpersonal skills
- Ability to collaborate effectively with cross-functional teams and communicate complex security concepts to technical and non-technical stakeholders
Education and Experience
- Bachelor's Degree in Engineering, Computer Sciences, Computer Software, Information Technology, Information Security, or other relevant degree and/or equivalent industry experience
- 2 - 5 years experience in Cybersecurity/Information Security Engineering, Application Security, Secure SDLC, Penetration Testing, System/Network/Cloud Security, and/or related field required
- Master's degree desirable
- CISSP/CISM/CISA/SANS GIAC/SABSA or equivalent certifications desirable
Qualifications
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Automation C CISA CISM CISSP Cloud DevSecOps GIAC ISO 27001 Linux NIST OWASP Pentesting PowerShell Python Risk management RMF SANS SDLC UNIX Vulnerabilities Windows
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.