Senior Security Engineer
At Wizards of the Coast, we connect people around the world through play and imagination. From our genre defining games like Magic: The Gathering® and Dungeons & Dragons® to our growing multiverse, we continue to innovate and build new ways to foster friendship and connection. That’s where you come in!
What You'll Do:
- Security Focus across Data Centers and cloud environments.
- Develop and enhance an information security management governance framework.
- Report to Wizards Security management concerning residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance.
- Coordinate internal audits and controls self-assessments to evaluate IT and financial reporting internal controls. Collaborate with IT security teammates to improve the internal controls environment and mitigate IT risk.
- Represent the needs of Wizards with all partners, and driving the external contacts involved with development with minimal direction.
- Assist in defining application security policies and guidelines and lead implementation within a multi-functional team; develop evaluation methods to ensure compliance with policies.
- Implement a comprehensive security plan that encompasses on premises systems, cloud infrastructure, and SaaS vendors.
- Lead in the Maturation of the Cloud Security Program, adoption and creation of metrics.
- Incident Response:
- Architect solutions that enable collaborative development for remote work for studio staff as well as freelancers and outsourcing partners securely and efficiently.
- Be part of the on-call rotation.
- Develop and mature engagement models within Wizards and with our partners.
- Monitor and calibrate security tools to reduce the noise to signal ratio.
- Definition and Implementation of Controls:
- Systems and information security concepts and standards.
- Develop and validate baseline security configurations for operating systems, applications, and networking and telecommunications equipment.
What You’ll Bring:
- 6-10 Years of Security experience in End Point Protection, Network Detect and Response tools. Cloud/On Premise Hybrid environments.
- Outstanding communicator and standout colleague who effectively contributes to engineering discussions with technical and non-technical teams and individuals.
- Experience with implementing native AWS security tools: Control Tower, Guard Duty, VPC Traffic Mirroring.
- Knowledge in digital literacy, and ability to comprehend new programs and tools as they are developed.
- Good interpersonal relationship skills with the ability to handle expectations appropriately, deliver a superior customer/client experience and build long-term relationships.
We are an Equal Opportunity / Affirmative Action Employer
The above is intended to describe the general content of and the requirements for satisfactory performance in this position. It is not to be construed as an exhaustive statement of the duties, responsibilities, or requirements of the position.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. If you are selected to move forward in our application process and need to request an accommodation, please let your recruiter or coordinator know.