Tweet

A leader in creating deep and engaging experiences on PC and mobile, Jagex was founded in 2001 and is today one of the UK’s biggest and most respected video game developers and publishers.

Famed for its flagship MMOs RuneScape and Old School RuneScape, Jagex has welcomed more than 260million player accounts to its world and created a $1bn lifetime franchise revenue. Today the RuneScape franchise exists beyond running games in live operations; our titles are living games that connect and inspire millions of players, with content and experiences both inside and outside of inexhaustible game worlds.

Both RuneScape and Old School RuneScape, on PC and mobile, offer ever-evolving, highly-active worlds and our community-focussed development ethos empowers players to have a real say in how each game is shaped.

Jagex is expanding and extending its portfolio with fresh franchise titles, new IP and, in 2018 launched Jagex Partners, delivering third-party publishing and operational services exclusively for the living games of the future.

Jagex employs more than 400 people at its Cambridge headquarters and is on the hunt for talented people to work across the business to help the company to achieve yet another year of record growth and player satisfaction.

Job Purpose:

JAGEX are undertaking a Security transformation project and have the requirement for a Cyber Security engineer to assist and augment existing engineering teams. The JAGEX Cyber Security team works together with our product teams to improve security and minimise risks within our products and services.

You will play a key role working closely with IT Product management, Cyber security team and various other internal stakeholders.

This role will report to the Head of Security and will work closely with IT engineering and outsourced Security teams to establish and maintain services required to mature security across all in scope areas.

As part of your role will also have the responsibility for defining and maintaining the security standards and other various processes to support security activities.

You will be a crucial player by evangelising security to the various internal teams assisting with security improvements and relevant remediations where that is required by sharing your experience and expertise to build security awareness with business stakeholders, business/application/solution architecture, IT and operational teams.

Key Duties Include:

  • Support projects in identifying, evaluating risks, and proposing relevant countermeasures.
  • Maintain and improve the security posture of AWS (best practices, hardening etc).
  • To work in close collaboration with Security team, Technology Managers, and projects team to build security standard and solutions.
  • Participate in evaluation and selection of products and security solutions, set the security requirements, and coordinate or run POCs.
  • Provide cyber security expertise in the analysis, assessment, development, and evaluation of security solutions and architectures.
  • Automate security controls, data, and processes to provide better metrics and operational support.
  • Contribute to the maintenance of Information Security policies and standards.
  • Develop, maintain, and share security best practices.
  • Collecting feedback from stakeholders, detect unaddressed security needs and identify opportunities for collaboration.
  • Become the go-to person for a given security domain.
  • Ability to work well as part of a team while leading and mentoring other team members.

Essential Requirements:

  • Proven commercial experience in a similar role.
  • Proven experience with AWS and securing such environments.
  • Strong knowledge of and experience using and securing Windows and Linux/Unix operating systems.
  • Experience in securing networks & hardening of various OS.
  • Any experience of automation tools a plus (Terraform, puppet).
  • Good understanding of vulnerability and patch management processes and technologies.
  • Configuring, tuning, and troubleshooting security solutions to maximize benefits and return on investments.
  • You have worked with different SIEM-s/Log aggregators and understand what happens under the hood. (Experience with ELK Stack would be an advantage).
  • Experience in the defining and implementation of infrastructure patching standards and schedules.
  • The candidate is expected to be proficient and experienced with security frameworks, such as: NIST CSF, CIS etc.
  • Good understanding of a common scripting language (PowerShell, Bash, Python, etc.), and the confidence to troubleshoot and adapt scripts to new requirements.

Desirable Skills:

  • A good understanding of Agile Methodologies, experience working in Kanban, or as part of a cross-functional team. Experience of using Jira, slack, SharePoint would be an advantage.
  • Demonstrable background in a security operations environment.
  • Understanding of threat intelligence and SOAR technologies.
  • Any of the following Qualifications:

Company Benefits:

  • Flexible Working
  • Bonus Scheme
  • Private Health Care
  • Gym Membership
  • Generous Pension Contributions
  • Life Insurance
  • Free Cycle Repair
  • Income Protection
  • Dental Plan
  • Free Fruit and Drinks
  • Subsidised Canteen

Feel like you fit this role, but don’t meet all the requirements? We strive for fresh perspectives, so as long as you can demonstrate how your attitude and other abilities might make up for any gaps we would welcome your application!

Jagex are an equal opportunities employer and positively encourages applications from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation, gender reassignment, marriage or civil partnership, pregnancy or maternity, religion or belief.