This position is part of the Jagex Cyber Security Team (CST) and is responsible for supporting and promoting information security within the company and related third parties. The Principal Security Engineer will play a leadership role in the security function and provide technical expertise to support the various service offerings. Reporting to the Director of Cyber Security, the role will work closely with IT engineering and outsourced partners to establish and maintain services required to respond to security alerts, including incident resolution.
- Design and implement technical security controls.
- Solve unique and complex problems related to the domain area.
- Develop and document security processes and plans based on common information security management frameworks (NIST 800-53, NIST CSF, SOC2, ITIL, or CIS).
- Implement and manage processes to operate within a Managed Security Operations Centre.
- Monitor, detect, contain, and remediate security incidents identified by the SOC.
- Work closely with the IT, DevOps, and development teams to identify, assess, and prioritize vulnerabilities across the organization's infrastructure, applications, and systems.
- Develop and deliver clear, concise, and actionable vulnerability reports and recommendations to various stakeholders, including executive leadership, IT, and development teams.
- Monitor industry trends, threat intelligence, and vulnerability disclosures to stay informed about new vulnerabilities and emerging threats.
- Manage risk and ensure compliance with company security policies and standards.
- Stay up to date with the latest security trends and threats.
- A degree or certification in computer science, cyber security, or information technology.
- At least ten years of commercial experience within the information and cyber security domain.
- Experience in IT system administration, network administration, and security operations centre.
- Strong leadership, collaboration, and conflict-resolution skills.
- Excellent interpersonal and communication skills.
- Ability to work with engineers to identify the trade-offs of different solutions and recommend the ideal design that meets the team's (non)-functional requirements as well as required security requirements.
- Thorough understanding of the latest security principles, techniques, and protocols.
- Knowledge of SIEM / Log Aggregators (preferably ELK).
- Working knowledge of vulnerability/compliance, patch management, anti-malware, APT, identity, and access control management toolsets.
- Proven working experience in at least one scripting language (Python, Bash, Perl, etc.).
- Strong knowledge of common vulnerability assessment tools (e.g., Nessus, Qualys, Rapid7) and methodologies.
- Experience in risk management.
- Experience in leading/performing infrastructure threat modelling and architecture reviews.
- Knowledge of AWS security and networking configurations, including but not limited to security groups, subnets, and routing tables.
- Demonstrable background in a security operations environment.
- Background and experience in AWS services and orchestration tools; IAM implementation; Linux Systems; Hashicorp Technologies (Consul, Terraform, Vault, Packer); Containers (Docker, Kubernetes) and Container Management (EKS), Secrets management; Config Management (Puppet, Ansible).
- Modern engineering practices and automation to drive efficiencies. Infrastructure as Code mindset. Code/scripting for practical tasks and tool integrations.
A leader in creating deep and engaging experiences on PC and mobile, Jagex was founded in 2001 and is today one of the UK’s biggest and most respected video game developers and publishers.
Famed for its flagship MMOs RuneScape and Old School RuneScape, Jagex has welcomed more than 260million player accounts to its world and created a $1bn lifetime franchise revenue. Today the RuneScape franchise exists beyond running games in live operations; our titles are living games that connect and inspire millions of players, with content and experiences both inside and outside of inexhaustible game worlds.
Both RuneScape and Old School RuneScape, on PC and mobile, offer ever-evolving, highly-active worlds and our community-focussed development ethos empowers players to have a real say in how each game is shaped.
Jagex is expanding and extending its portfolio with fresh franchise titles, new IP and, in 2018 launched Jagex Partners, delivering third-party publishing and operational services exclusively for the living games of the future.
Jagex employs more than 400 people at its Cambridge headquarters and is on the hunt for talented people to work across the business to help the company to achieve yet another year of record growth and player satisfaction.
- Flexible Working- Bonus Scheme- Private Health Care - Gym Membership- Monthly Energy Allowance- Generous Pension Contributions- Life Insurance- Free Cycle Repair- Income Protection- Dental Plan- Free Fruit and Drinks- Subsidised Canteen
Feel like you fit this role, but don’t meet all the requirements? We strive for fresh perspectives, so as long as you can demonstrate how your attitude and other abilities might make up for any gaps we would welcome your application! Jagex are an equal opportunities employer and positively encourages applications from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation, gender reassignment, marriage or civil partnership, pregnancy or maternity, religion or belief.