Principle Security Engineer
Posted 2 months ago
- Leeds, West Yorkshire
- Any
- External
- Expires In a month
Job title:
Principle Security Engineer
Location:
Leeds, UK
Overview of the role:
We have an exciting new role in our PokerStars Platform Security Architecture team for a Principle Security Engineer. You will support us during our strategic journey in the modernisation of our applications and platform.
You’ll be reporting into the Head of Platform Security Architecture in a team who all share a passion for our products and understanding of our customers behaviour.
You will work with our product, solution architects and engineering teams to ensure our new platforms, their integrations and the supporting AWS cloud infrastructure are secure by design and implemented to best practices. You will provide security expertise and technical thought leadership to a critical function who are building a new platform (Flutter Studios) to provide casino games as a capability across our group.
Our Leeds office is at the heart of our business. The 8-storey building has an onsite staff gym and cafeteria, two heated rooftop terraces, a dedicated gaming room and a staircase amphitheatre. The space brings all our teams under one roof in the biggest private letting office in Yorkshire.
What you’ll do:
Work closely with our solution architects and engineers to provide expert security guidance and direction ensuring the platform components are built and consumed in adherence to industry security standards.
Be embedded in the Flutter Studios function of our company, acting as a single point of contact for all security matters.
Provide hands-on support in building security controls or contributing to secure configurations and features (e.g. cloud security policies, zero-trust authorisation mechanisms).
Help teams in a practical manner to identify and effectively treat risks within our environment, ensuring that ultimately our end players can trust us.
Work with other members of the wider Security Engineering team to ensure we have a consistent and measured approach to security.
What you’ll bring:
Experience protecting customer data in regulated production environments, ensuring compliance with both security best practices and regulatory requirements.
Extensive experience performing security analysis of cloud native architectures using a threat-based approach, implementation of defence in depth, and prioritisation of security controls.
Extensive experience in defining security controls for multi-tenancy platforms with various API driven integration points and data streaming services.
Real world technical “hands-on” experience deploying complex solutions and designing countermeasures to identified security risks.
Experience defining both data plane and control plane security controls for cloud environments ensuring there are no toxic combinations.
Experience defining and implementing modern authentication and authorisation models based on zero trust (ideally with exposure to token-based architecture and verification mechanisms).
Practical working experience and knowledge of workplace technology security solutions e.g., network, email, and endpoint security controls.
Knowledgeable in implementing controls to prevent exploitation of OWASP Top 10, CWE Top 25 vulnerabilities.
Your skills:
Ability to perform security assessments using threat modelling, playbooks, and security patterns to identify weaknesses and appropriate treatment of risks for associated threats.
Ability to identify toxic combinations of design weaknesses in both data and control planes and provide effective remedies.
Ability to provide security patterns, hardening and vulnerability remediation advice.
Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Knowledgeable in applying and embedding security as part of the wider software development lifecycle (SDLC) process.
Understand the context of requested changes and ensure that implementation does not weaken the security posture.
Requirements:
Sound understanding and experience working with APIs, AWS, Kubernetes, Kafka, and mTLS.
Sound understanding of cybersecurity standards, methodologies, and frameworks.
Sound understanding of network access controls and identity and access management.
Versed in modern authentication and authorisation practices of zero-trust architectures.
In-depth knowledge of each security domain and how each domain relates to support a secure platform.
A keen interest in learning innovative technologies and a passion for information security.
Be able to work with multiple teams across the business with differing priorities.
Be able to drive initiatives & operate autonomously with support where needed with limited supervision.
Apply a pragmatic and balanced approach to security risk against delivery timelines and business objectives.
It’s ok if you don’t think you tick every box on this list. We love people who want to challenge themselves and are passionate about what they do. If you believe you can contribute in some areas and are eager to learn, we encourage you to
apply.
Why choose us:
Aside from a generous base salary, we have a fantastic benefits & rewards program that is designed to encourage personal and career development.
Your package will include:
Discretionary annual performance bonus.
25 days contractual annual leave + 5 additional days if contractual days are over
Health and dental insurance for you, and 50% coverage for your partner and your children (if you all live at the same address)
26 week's primary carer leave, and 4 weeks secondary carer leave
Personal life insurance and income protection
External learning support of up to £2,000, dedicated 4 learning “Power Hours” every month during office time, full access to the Udemy and Mindtools platforms, in-house leadership programme and many other training opportunities for developing your skills and progressing your career
Looking to extend your family? You will receive a cash gift of £1,000 GBP for your new addition whilst working for us
Online Discount Scheme, including discounted shopping and cinema vouchers.
Equal opportunities:
At Flutter International we are committed to creating an inclusive environment where our people can be their authentic selves and thrive. We embrace and celebrate diversity, respecting all our uniqueness and differences.
We welcome you to let us know whether you have any accessibility needs. All you need to do is email us at
#####
.
Your journey with us is focused on ensuring you have what you need to be your best self.
Learn more about the works we are doing on Inclusion and Belonging here:
The group:
Flutter International
is a proud member of the Flutter Entertainment family, a worldwideleader in sports betting, gaming, and entertainment.We'renot just another company;we'repart of the FTSE 100 index on the London Stock Exchange. What sets us apart is ourexceptional blend of brands, top-notch products, and a global presence that spans across 40countries. What truly defines us is our commitment to ensuring that the thrill of gaming andentertainment is experienced in a responsible and sustainable way. Our remarkable team ofover 8,000 colleagues drives this vision, spread across 28 offices worldwide.
#J-18808-Ljbffr
Principle Security Engineer
Location:
Leeds, UK
Overview of the role:
We have an exciting new role in our PokerStars Platform Security Architecture team for a Principle Security Engineer. You will support us during our strategic journey in the modernisation of our applications and platform.
You’ll be reporting into the Head of Platform Security Architecture in a team who all share a passion for our products and understanding of our customers behaviour.
You will work with our product, solution architects and engineering teams to ensure our new platforms, their integrations and the supporting AWS cloud infrastructure are secure by design and implemented to best practices. You will provide security expertise and technical thought leadership to a critical function who are building a new platform (Flutter Studios) to provide casino games as a capability across our group.
Our Leeds office is at the heart of our business. The 8-storey building has an onsite staff gym and cafeteria, two heated rooftop terraces, a dedicated gaming room and a staircase amphitheatre. The space brings all our teams under one roof in the biggest private letting office in Yorkshire.
What you’ll do:
Work closely with our solution architects and engineers to provide expert security guidance and direction ensuring the platform components are built and consumed in adherence to industry security standards.
Be embedded in the Flutter Studios function of our company, acting as a single point of contact for all security matters.
Provide hands-on support in building security controls or contributing to secure configurations and features (e.g. cloud security policies, zero-trust authorisation mechanisms).
Help teams in a practical manner to identify and effectively treat risks within our environment, ensuring that ultimately our end players can trust us.
Work with other members of the wider Security Engineering team to ensure we have a consistent and measured approach to security.
What you’ll bring:
Experience protecting customer data in regulated production environments, ensuring compliance with both security best practices and regulatory requirements.
Extensive experience performing security analysis of cloud native architectures using a threat-based approach, implementation of defence in depth, and prioritisation of security controls.
Extensive experience in defining security controls for multi-tenancy platforms with various API driven integration points and data streaming services.
Real world technical “hands-on” experience deploying complex solutions and designing countermeasures to identified security risks.
Experience defining both data plane and control plane security controls for cloud environments ensuring there are no toxic combinations.
Experience defining and implementing modern authentication and authorisation models based on zero trust (ideally with exposure to token-based architecture and verification mechanisms).
Practical working experience and knowledge of workplace technology security solutions e.g., network, email, and endpoint security controls.
Knowledgeable in implementing controls to prevent exploitation of OWASP Top 10, CWE Top 25 vulnerabilities.
Your skills:
Ability to perform security assessments using threat modelling, playbooks, and security patterns to identify weaknesses and appropriate treatment of risks for associated threats.
Ability to identify toxic combinations of design weaknesses in both data and control planes and provide effective remedies.
Ability to provide security patterns, hardening and vulnerability remediation advice.
Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Knowledgeable in applying and embedding security as part of the wider software development lifecycle (SDLC) process.
Understand the context of requested changes and ensure that implementation does not weaken the security posture.
Requirements:
Sound understanding and experience working with APIs, AWS, Kubernetes, Kafka, and mTLS.
Sound understanding of cybersecurity standards, methodologies, and frameworks.
Sound understanding of network access controls and identity and access management.
Versed in modern authentication and authorisation practices of zero-trust architectures.
In-depth knowledge of each security domain and how each domain relates to support a secure platform.
A keen interest in learning innovative technologies and a passion for information security.
Be able to work with multiple teams across the business with differing priorities.
Be able to drive initiatives & operate autonomously with support where needed with limited supervision.
Apply a pragmatic and balanced approach to security risk against delivery timelines and business objectives.
It’s ok if you don’t think you tick every box on this list. We love people who want to challenge themselves and are passionate about what they do. If you believe you can contribute in some areas and are eager to learn, we encourage you to
apply.
Why choose us:
Aside from a generous base salary, we have a fantastic benefits & rewards program that is designed to encourage personal and career development.
Your package will include:
Discretionary annual performance bonus.
25 days contractual annual leave + 5 additional days if contractual days are over
Health and dental insurance for you, and 50% coverage for your partner and your children (if you all live at the same address)
26 week's primary carer leave, and 4 weeks secondary carer leave
Personal life insurance and income protection
External learning support of up to £2,000, dedicated 4 learning “Power Hours” every month during office time, full access to the Udemy and Mindtools platforms, in-house leadership programme and many other training opportunities for developing your skills and progressing your career
Looking to extend your family? You will receive a cash gift of £1,000 GBP for your new addition whilst working for us
Online Discount Scheme, including discounted shopping and cinema vouchers.
Equal opportunities:
At Flutter International we are committed to creating an inclusive environment where our people can be their authentic selves and thrive. We embrace and celebrate diversity, respecting all our uniqueness and differences.
We welcome you to let us know whether you have any accessibility needs. All you need to do is email us at
#####
.
Your journey with us is focused on ensuring you have what you need to be your best self.
Learn more about the works we are doing on Inclusion and Belonging here:
The group:
Flutter International
is a proud member of the Flutter Entertainment family, a worldwideleader in sports betting, gaming, and entertainment.We'renot just another company;we'repart of the FTSE 100 index on the London Stock Exchange. What sets us apart is ourexceptional blend of brands, top-notch products, and a global presence that spans across 40countries. What truly defines us is our commitment to ensuring that the thrill of gaming andentertainment is experienced in a responsible and sustainable way. Our remarkable team ofover 8,000 colleagues drives this vision, spread across 28 offices worldwide.
#J-18808-Ljbffr
.webp "Apply4U | Sign Up")
.webp "Apply4U | Contact Us")
.webp "Apply4U | Sign up")
