Senior Information Security Engineer

Corporate:
Light & Wonder’s corporate team is comprised of incredible talent that works across the enterprise, defying boundaries to provide essential services in an extraordinary manner to ensure the success of the organization and the well-being of employees.

Position Summary

The Senior Information Security Engineer will report to the Head of Information Security for Gaming with the following main responsibilities:

• Drive the security architecture of our systems and products within Land-Based gaming and services to define and implement secure-by-default and defense-in-depth strategies
• Partner with the developer teams developing our services, and contribute security expertise to the architecture and design of our products and systems
• Conduct comprehensive code reviews to identify and rectify security vulnerabilities and coding flaws
• Apply your knowledge to conduct or guide vulnerability and penetration testing of these systems to uncover security issues both manually and using developing automation tools as needed to support your work
• Research new techniques, vulnerabilities, and attack vectors in these components to proactively drive security improvement across each functional area
• Play a leadership role in Gaming Information Security and Gaming development community setting direction for security for key technologies and serving as a subject matter expert resource for security engineers and business leaders inside and outside of your organization

Qualifications and Skills

• Vulnerability scanners and Penetration Testing tools required
• Anti-exploitation and host hardening
• Database protection tools
• Knowledge in Python, Powershell, Regular expression and other languages
• Knowledge in C++, C#, Visual Studios, and Unity
• ArgOS experience greatly desired
• DevSecOps experience greatly desired
• Working experience and knowledge of Windows and Unix/Linux Operating Systems
• Understanding of ISO27001, NIST CSF, and other common Risk Management Framework terminology, processes, characterization models, etc.
• Understanding of OWASP Top 10
• Good technical writing, documentation, and communication skills
• Strong technical understanding and aptitude for analytical problem-solving
• Strong interpersonal skills
• Ability to collaborate effectively with cross-functional teams and communicate complex security concepts to technical and non-technical stakeholders

Education and Experience

• Bachelor's Degree in Engineering, Computer Sciences, Computer Software, Information Technology, Information Security, or other relevant degree and/or equivalent industry experience
• 2 - 5 years experience in Cybersecurity/Information Security Engineering, Application Security, Secure SDLC, Penetration Testing, System/Network/Cloud Security, and/or related field required
• Master's degree desirable
• CISSP/CISM/CISA/SANS GIAC/SABSA or equivalent certifications desirable

Qualifications