gamedevjobs logo
Explore Jobs

Principal Security Engineer



Jagex, a UK-based video game developer and publisher, is seeking a Principal Security Engineer to join their Cyber Security Team. The role involves supporting and promoting information security within the company, working closely with IT engineering and outsourced partners to establish and maintain services required to respond to security alerts and incidents resolution. The ideal candidate should have at least seven years of commercial experience within the information and cyber security domain, hands-on experience in IT system administration, network administration, and security operations center. They should also have a thorough understanding of the latest security principles, techniques, and protocols, and experience in vulnerability management, ethical hacking, threat modeling, secure network architectures and technologies, advanced persistent threats (APT) prevention and detection, SIEM, Carbon Black, and scripting and automation tools. The role offers flexible working, a bonus scheme, private health care, gym membership, and other benefits.

Job description

Job Purpose:

This position is part of Jagex Cyber Security Team (CST) and is responsible for supporting and promoting Information security within JAGEX. This role requires technical related skills and sets to support our Security function through its various service offerings.
Reporting to the Head of Security, the role will work closely with IT engineering and the outsourced partners to establish and maintain services required to respond to security alerts including incidents resolution.
You will have Security Tool Administration experience as well as experience of building and maintaining security systems. Thorough understanding of the latest security principles, techniques, and protocols.
The principal security engineer will have a solid understanding of security technologies at an SME level. You will provide engineering expertise to and on behalf of the Security Operations Centre (SOC) with regards to security infrastructure and tooling. SOC tooling would typically include SIEM, IDS/IPS, End Point Management, etc.
You will apply technical knowledge to operate within a technology area e.g., SOC tooling applications technical security management etc.

You will likely have experience in the following areas.
·         Vulnerability Management.
·         Ethical hacking and threat modelling.
·         Alert triaging.
·         Secure network architectures and technologies.
·         Advanced persistent threats (APT) prevention and detection.
·         SIEM.
·         Carbon Black.
·         Scripting and automation tools.

Key Duties Include:

    • Design and implement technical security controls.
    • Solve unique and complex problems related to the domain area.
    • Experience of developing and documenting security processes and plans based on common information security management frameworks (ISO 270x, SOC2, ITIL, COBIT, NIST or CIS).
    • Implement and manage processes to operate within a Managed Security Operations Centre.
    • Build out a supporting function to the outsourced SOC.
    • Knowledge of AWS security and networking configurations e.g., security groups, subnets and routing tables.
    • Responsible for monitoring, detecting, containing, and remediating security incidents being identified by the SOC.

Essential Requirements:

    • At least seven years commercial experience within the information and cyber security domain. Hands on experience in IT system administration, network administration, security operations centre would be advantageous.
    • Excellent interpersonal and communication.
    • Demonstrated ability to work with engineers to identify the trade-offs of different solutions and recommend the ideal design that meets the team's (non)-functional requirements as well as required security requirements.
    • Strong writing and presentation skills. Should be able to communicate at all levels in the organizations and in some situations act as a technical writer. Possess the ability to communicate concisely, clearly, and intelligently to members from a variety of backgrounds, including those who are non-technical.
    • Knowledge of SIEM / Log Aggregators (preferable ELK).
    • Working knowledge of vulnerability/compliance, patch management, anti-malware, APT, identity and access control management toolsets.
    • Proven working experience in at least a scripting language (Python, Bash, Perl, etc).

Desirable Skills:

    • Demonstrable background in a security operations environment.
    • Background and experience in AWS services and orchestration tools; IAM implementation; Linux Systems; Hashicorp Technologies (Consul, Terraform, Vault, Packer); Containers (Docker, Kubernetes) and Container Management (EKS, Secrets management); Config Management (Puppet, Ansible).
    • Modern engineering practices, automation to drive efficiencies. Infrastructure as Code mindset. Code / scripting for practical tasks and tool integrations.

Company Overview:

A leader in creating deep and engaging experiences on PC and mobile, Jagex was founded in 2001 and is today one of the UK’s biggest and most respected video game developers and publishers.

Famed for its flagship MMOs RuneScape and Old School RuneScape, Jagex has welcomed more than 260million player accounts to its world and created a $1bn lifetime franchise revenue. Today the RuneScape franchise exists beyond running games in live operations; our titles are living games that connect and inspire millions of players, with content and experiences both inside and outside of inexhaustible game worlds.

Both RuneScape and Old School RuneScape, on PC and mobile, offer ever-evolving, highly-active worlds and our community-focussed development ethos empowers players to have a real say in how each game is shaped.

Jagex is expanding and extending its portfolio with fresh franchise titles, new IP and, in 2018 launched Jagex Partners, delivering third-party publishing and operational services exclusively for the living games of the future.

Jagex employs more than 400 people at its Cambridge headquarters and is on the hunt for talented people to work across the business to help the company to achieve yet another year of record growth and player satisfaction.

Company Benefits:

- Flexible Working
- Bonus Scheme
- Private Health Care
- Gym Membership
- Monthly Energy Allowance
- Generous Pension Contributions
- Life Insurance
- Free Cycle Repair
- Income Protection
- Dental Plan
- Free Fruit and Drinks
- Subsidised Canteen

Feel like you fit this role, but don’t meet all the requirements? We strive for fresh perspectives, so as long as you can demonstrate how your attitude and other abilities might make up for any gaps we would welcome your application!
Jagex are an equal opportunities employer and positively encourages applications from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation, gender reassignment, marriage or civil partnership, pregnancy or maternity, religion or belief.
Apply for this job

Location: Cambridge

Country: United States

Date found: 2023-03-17

If you're tired of sifting through endless job postings, try our AI-powered job search tool!

It's a game-changer.

Subscribe to all Engineering jobs in United States