Sr. Security Engineer

Skillz San Francisco , CA 94118

Posted 3 months ago

About Skillz:

Skillz is driving the future of entertainment by accelerating the convergence of sports, video games and media for an exploding mobile-first audience worldwide. The company's platform empowers mobile game developers and players with democratized access to fun, fair and skill-based competition for real prizes, shifting the paradigm to make eSports accessible to anyone, anywhere with a mobile device.

Skillz helps developers build multi-million dollar game franchises by turning content into competitive social gaming properties for the world's 2.6 billion gamers. The company has already worked with 13,000 game developers, leveraging its patented technology to host over 800 million tournaments for 18 million players worldwide.

This year, Skillz was recognized as one of Fast Company's Most Innovative Companies and CNBC Disruptor 50 (for the second time). In 2018, Skillz was listed as one of Forbes' Next Billion-Dollar Startups and Entrepreneur Magazine's 100 Brilliant Companies. In 2017, Inc. Magazine ranked Skillz the No. 1 fastest-growing private company in America.

The company is backed by leading venture capitalists, media companies, and professional sports luminaries, ranging from Liberty Global, Accomplice, Wildcat Capital, Telstra Ventures, and a founder of Great Hill Partners to the owners of the New England Patriots, Milwaukee Bucks, New York Mets, and Sacramento Kings.

Responsibilities

  • Collaborate with teams across Skillz to ensure security best practices are leveraged as we roll out new features and expand our platform offerings.

  • Define and drive secure SDLC include: security best practices, security architecture, design/code reviews, threat modeling, security tools, penetration testing, incident response.

  • Proactively research new attack vectors that may affect Skillz services.

  • Research, prototype, integrate security tools into CI/CD pipeline, include: container security, static, dynamic, application scanning, third party vulnerability scanning, etc.

  • Build automation and detection models to support identification of anomalous activity and response activities to mitigate insider and external threats at scale.

Qualifications

  • BS in Computer Science, Computer Engineering, Cybersecurity or related field or relevant experience.

  • 5+ years of recent experience in a security focused engineering role within a large scale, cloud facing company.

  • Coding proficiency of one or more programming languages: Python, Java, JavaScript, Go, or Ruby.

  • Experience in SaaS security models, cloud security architecture and cloud infrastructure.

  • Understand security challenges in large-scale systems and service architectures.

  • Excellent communication skills and strong ability to clearly articulate security content and risks, and mitigation.

  • In-depth cloud infrastructure security to cover both the control and service planes.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Sr Security Engineer

The Ashlar Group

Posted 7 days ago

VIEW JOBS 1/21/2020 12:00:00 AM 2020-04-20T00:00 Client - Insurance Company Role - Sr. Security Engineer Location - San Francisco, CA Salary - $130,000 - $135,000/year The Sr. Security Engineer is a member of the IT Security team and bolsters and maintains the security posture of Esurance applications, services and infrastructure in order to protect against security threats including intrusions, malware, system-level breaches, unauthorized access, insider attacks and loss of proprietary information. This individual is expected to be available for off-hour support as part of an on-call rotation and to travel within the continental Unites States as needed. Responsibilities * Proactively works with IT and the business to identify security risks and implement practices that meet standards for information security. * Security Architecture - Architects security solutions and technically leads their implementation from end to end. * Security Incident Response - Oversees threat management and security incident handling, including the coordination of investigations and reporting of security incidents to management, in alignment with business needs and regulatory requirements. * Implementation of Security Controls * Designs and implements controls to meet companies security and compliance needs. * Log Review - Reviews consolidated system logs and other audit trails on a regular basis for indications of attacks. * Vulnerability Management * Works with Esurance development and infrastructure teams to identify and remediate application- and infrastructure-related vulnerabilities. * Security Expertise * Serves as a resource cross-functionally to share security insight and best practices with teams across the company. * Security Governance - Develops Information Security Policies, Standards, Procedures and best practices to support Esurance?s security control framework * Security Due Diligence - Ensures that security is factored into the evaluation, selection, and configuration of hardware, applications and software. * Security Assessments - Conducts third party security assessments as required. * Compliance - Ensures compliance to Esurance control framework and best practices through continuous monitoring and gap analysis. Provides support and guidance for legal and regulatory compliance efforts, including audit support. * Security Awareness - Promotes information security awareness and develops information security as a core competency throughout the company. * Security Monitoring - Ensures audit trails, systems logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements. * Evolution and Skill Enhancement - Stays current with security technologies and threats by monitoring vendor and industry publications and attending training. Qualifications * Security engineering experience, including experience implementing encryption, intrusion detection, network security, multiple operating systems (Windows, Linux, etc.), directory services (Active Directory, LDAP), Virtualization Security, Security Information and Event Management (SIEM) tools and log management, web application and network vulnerability scanning, etc. * Experience with Network Security technologies including Firewalls, IDS/IPS system, cryptographic systems, identity management systems, RADIUS, and TACACS * Ability to work independently as well as a member of a team * Ability to articulate security issues in terms of business risk * Analytical skill, technical knowledge and practical application of information security at a business and technical level * Experience in the Financial Services industry and solid understating of ISO 27001, SOX and Payment Card Industry (PCI) Data Security Standards (PCI DSS) as well as experience in the implementation of controls to mitigate PCI issues * CISSP certification is highly desirable Experience / Education: * Bachelor's degree (B.S.) in Computer Science or equivalent job experience * Minimum 5 years experience implementing security solutions and processes * Minimum 5 years experience with Network Security technologies The Ashlar Group San Francisco CA

Sr. Security Engineer

Skillz