An internation iGaming Group is on the looking out for both a Mid and Senior Security Engineer
? Skills, Education and Experience?
1. Education requirement: Bachelor degree or above in computer science, communication, information security related majors.
2. At least 3 years of information security related work experience.
3. Gambling / gaming industry experience preferable.
4. Can show examples of where they have had practical experience of implementing and policing security policy and procedures.
5. Set up secure cloud based systems. (JIRA / SharePoint / etc)
6. Skills required for the job: Familiar with mainstream information security standards and have relevant project consulting experience, including but not limited to ISO27001, ISO27701, ISO29151. Have experience with information security technology, network equipment, security products, and implementing information security products is preferred.
7. Familiar with at least three technical fields listed below: information security management system (ISMS), terminal security technology, network security technology, software development life cycle (SDLC), cloud application security design and management, data security technology, security Vulnerability mining and emergency response, code security audit.
8. Ability to develop in one or more languages such as C/Python/Go/Java, and experience in security tool development is preferred. 9. Certificate requirements: Those who have obtained certifications in related fields such as CISA, CISM, CISP, CISSP, CIPM, CCSP, etc. are preferred.
? Main responsibilities?
1. The construction of security protection capabilities, combined with the actual operating environment, continue to optimize security protection and reinforcement.
2. Infrastructure (IDC, cloud assets, etc.) security baseline formulation, organization review, landing audit and process operation.
3. Security incidents should be urgently responded and drills to ensure the early, middle and rear early warning and disposal capabilities of the incident, avoid various security issues, and then strengthen security, organize and repair various security vulnerabilities (terminals, hosts, etc.) to ensure a closed loop.
4. Develop or improve the safety process specifications at the safety level to ensure standardized landing experiments and terminal safety awareness promotion or training.
5. Establish and continuously improve the safety management platform and promote the implementation of safety service projects
6. Effective security risk exposure analysis (penetration, vulnerability checking, etc.) to form a solution based on the business structure.
7. Set up and implementation of automated security alerts.
8. Establish and maintain a policy of regular security testing
Flexible schedule of work
Possibility for remote work