Information Security Engineer

Information Security Engineer

Sporty Group consistently tops the charts as one of the most used Sports Betting websites in the countries we operate in.

With millions of weekly active users, we strive to be the best in the industry for our users.

Responsibilities

• Work directly with the project teams to facilitate building secure workflows, processes, systems, and services.
• Develop best practices and security standards for the organisation.
• Understand software, infrastructure and internet needs and adjust them according to the business environment.
• Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
• Ensure the organisation knows as much as possible, as quickly as possible about security incidents.
• Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement.
• Find cost-effective solutions to cybersecurity problems.
• Conduct internal/external security tests/audits on our service, application, and infrastructure.
• Assist fellow Team Members with cybersecurity, software, hardware or infrastructure needs.

Requirements

• 3+ years' experience as a Security Engineer or other relevant position.
• Basic coding skills such as HTML, CSS, Shell Script, Python and other languages.
• In-depth knowledge of database and operating system security.
• Ability to discover and identify SQLi, XSS, CSRF, SSRF, authentication and authorisation flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond).
• Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP.
• Knowledge of browser-based security controls such as CSP, HSTS, XFO.
• Experience with standard web application security tools (Arachni, BurpSuite).
• Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering.
• Hands-on experience in network security and networking technologies and with system, security, and network monitoring tools.
• Fluency in English written and spoken.

Beneficial

• CyberSecurity certifications such as CISSP, CISA/CISM, CompTIA Security+, CEH, or GSEC would be beneficial.
• Certifications such as PMP, ISO 27001 LA would be beneficial.

Benefits

• Quarterly and flash bonuses.
• Flexible hours outside of core hours (10am-3pm local timezone).
• Top-of-the-line equipment.
• Referral bonuses.
• 28 days paid annual leave.
• Annual company retreat.
• Highly talented, dependable co-workers in a global, multicultural organisation.
• Payment via DEEL, a world class online wallet system.