Senior Information Security Engineer - Pokerstars, Hybrid & Remote

Senior Information Security Engineer - Pokerstars, Hybrid & Remote

Cyber Security Senior Engineer 1

We are looking for a Senior Information Security Engineer to join our Application Security team in Romania. “ This is a great opportunity for an experienced security professional to be the lead person to design a vulnerability management from the initial solution design through to deployment and operation and consumption of our services by internal business units and stakeholders .” 

 
Are you our next star player? 
As a Senior Information Security Engineer, you will join our Application Security team.  As part of this team, you will work with security engineers and collaborate with all stakeholders to ensure our vulnerability management practices are solid are aligned with Security by design best practices.  Focusing on specific areas, you will gain in-depth knowledge and provide security expertise. 

 
Why we need you 
Reporting to the Lead Application Security Engineer, you will: 

• Work closely with fellow security engineering teams and Tribe Stakeholders to provide expert security guidance and direction on vulnerability management practices ensuring our players can trust us. 

• Help teams identify and effectively treat vulnerabilities within our environment. 

• Work with other members of the wider Security Engineering team to ensure we have a consistent and measured approach to security. 

Who we’re looking for: 
An experienced senior information security engineer capable of providing expertise on all aspects of security engineering. 
Your experience: 

• Extensive experience performing security analysis of on-prem and cloud architectures including threat assessments of identified weaknesses. 

• Experience of working with CVSS, EPSS and other vulnerability management frameworks 

• Experience acting as a subject matter expert and mentor for other colleagues. 

• Working exposure on cloud security services and controls including identity and access management. 

• Working exposure on application security capabilities and controls including (SAST, SCA, Threat Modelling, External Vulnerability Scanning) 

Your skills: 

• Ability to to assess vulnerabilities based on application stacks and current threat landscape. 

• Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). 

• Real-world technical “hands-on” experience deploying complex solutions and designing countermeasures to identified security risks. 

Requirements: 

• Sound understanding of cybersecurity standards, methodologies, and frameworks. 

• Experience with vulnerability management tools such as: Kenna, Tenable, AWS Inspector, AWS Patch Manager

• In-depth knowledge of vulnerability management and how to build a vulnerability management program and continue improvements. 

• A keen interest in learning innovative technologies and a passion for information security. 

• Be able to work with multiple teams across the business with differing priorities. 

• Be able to drive initiatives & operate autonomously with support where needed, but limited supervision 

What can you expect: 

• 25 days of annual leave; 

• Sharesave scheme; 

• „Flexible Benefits” of your choice; 

• Private health insurance (includes dental insurance and health assessments); 

• Free parking; 

• Thousands of courses online through ‘Udemy'; 

• Working from home options. 

Ways of working: 
Flexible working is our way of working! We're a diverse workforce and therefore a 'one size fits all' approach isn't necessarily best. Whatever your personal needs may be, let's have a chat and see how we can accommodate them; 
We thank all applicants for their interest, however only the suitable candidates will be contacted for an interview. 
By submitting your application online, you agree that: your details will be used to progress your application for employment. If your application is successful, your details will be used to administer your personnel record. If your application is unsuccessful, we will retain your details for a period no longer than two years, in order to consider you for prospective roles within our company.