Lead Data Security Engineer

Posted:
9/25/2024, 12:48:21 AM

Location(s):
City of Edinburgh, Scotland, United Kingdom ⋅ Scotland, United Kingdom

Experience Level(s):
Senior

Field(s):
IT & Security

At Rockstar Games, we create world-class entertainment experiences.

Become part of a team working on some of the most rewarding, large-scale creative projects to be found in any entertainment medium - all within an inclusive, highly-motivated environment where you can learn and collaborate with some of the most talented people in the industry.

Rockstar Games is on the lookout for a talented Lead Data Security Engineer with a passion for diving into complex asset development and data workflows, to identify security concerns and opportunities risk reduction.

This is a full-time, permanent and in-office position based in Rockstar’s state-of-the-art game development studio in Edinburgh, Scotland.  

WHAT WE DO

  • The Rockstar Games Application Security team partners with numerous teams across the company to incorporate security practices throughout the asset development and data lifecycle.
  • We strive to understand the threat landscape affecting our development studios, the gaming industry, and the world at large to define secure development workflows and guidelines to safeguard our business and protect our players.
  • We provide guidance and solutions to a wide variety of teams, to ensure that the right people have the right access to the right data at the right time, while also safeguarding sensitive information from unauthorized access.

RESPONSIBILITIES

  • Establish and maintain safety protocols to protect assets, and sensitive data collected and used. 
  • Track trends in the security community and stay abreast of emerging threats.  
  • Maintain inventories of asset and data pipelines covering data classification levels, access patterns, risks and mitigations.
  • Lead engagement with asset development teams to identify security requirements for new and existing products and features, while ensuring other requirements don’t introduce an unintended security impact.  
  • Lead security assessments using manual and automated processes to identify potential security risks that are not within risk appetite.
  • Work closely with engineering and Information Technology teams to design and configure secure solutions that scale across the company.

QUALIFICATIONS

  • BA/BS in a computer science or related field.  
  • Experience of working in an agile environment, delivering incremental and iterative risk reduction.
  • 8+ year(s) of experience working in a professional capacity related to data protection, or similar cybersecurity domains (e.g. data security and identity & access management). 
  • Experience in results-oriented, retail driven environment with strict deadlines and ship dates. 
  • Strong written and verbal communication skills.  

SKILLS

  • Extensive knowledge of defense mechanisms and techniques covering the data security lifecycle (i.e. creation through to destruction).
  • Extensive experience of designing and implementing data access governance controls, covering identification, classification, policies, and auditing.
  • Strong understanding of encryption technologies for data at rest and in transit.
  • Strong understanding of identity & access management concepts such as role-based access controls, principles of least privilege, conditional access, and device trust.
  • Working experience with solution configurations related to data discovery, classification, labelling and designing protection policies.
  • Experience of leading and mentoring junior team members on complex assignments with minimal supervision.

PLUSES

Please note that these are desirable skills and are not required to apply for the position.

  • Experience leading on large scale security projects, maintaining RAID logs and providing stakeholder updates.
  • Experience of working in environments with conditional access requirements for internal and external parties.
  • Strong security understanding of Microsoft solutions such as Active Directory, M365 and SharePoint. 
  • Working experience with CASB and data loss prevention solutions.
  • Understanding of source control systems and CI/CD pipelines.
  • Industry certifications preferred (CISSP, GISP, CSP credentials, etc.). 

HOW TO APPLY

Please apply with a CV and cover letter demonstrating how you meet the skills above. If we would like to move forward with your application, a Rockstar recruiter will reach out to you to explain next steps and guide you through the process.

Rockstar is committed to creating a work environment that promotes equal opportunity, dignity and respect. In line with this commitment, Rockstar will provide reasonable accommodations to qualified job applicants with disabilities during the recruitment process in order for such applicants to be considered for the position for which they are applying, as well as to qualified employees to enable them to perform the essential functions of their roles. If you need more information about Rockstar’s reasonable accommodation policies or process, or need to request an accommodation, please contact the Human Resources Department. 

If you’ve got the right skills for the job, we want to hear from you. We encourage applications from all suitable candidates regardless of age, disability, gender identity, sexual orientation, religion, belief, race, or any other protected category.