Lead Security Engineer
Posted on Tuesday, May 16, 2023
Live experiences help make us human, bringing us across today’s social and digital divides to focus on what truly connects us - the here, the now, the once-in-a-lifetime moment that we share - together. To fulfill Gametime’s vision to unite the world through shared experiences, we deliver fans an extraordinary experience for enjoying, discovering, and purchasing last-minute tickets to live events.
With platforms on iOS, Android, mobile web, and desktop supporting events across the US and Canada, we are reimagining the event ticket experience in a mobile-first world.
We are looking for an experienced Lead Security Engineer with a strong focus on Cloud Compliance and Automation to fortify Gametime’s digital defenses. You will be responsible for designing, implementing, and maintaining effective security measures to safeguard Gametime’s systems and data from cyber threats. You will work closely with SRE and engineering teams to ensure the security of our cloud-based infrastructure and applications. This role is pivotal in ensuring the security and compliance of our cloud infrastructure and promoting a culture of security awareness across the organization.
What you'll do / own:
- Security & Compliance
- Design, implement, and maintain security policies, standards, and procedures to improve Gametime’s security posture across all cloud-based services and infrastructure
- Responsible for managing the policies, procedures, and controls to ensure that our organization meets and maintains compliance with recommended security standards.
- Perform architectural and design reviews through the security lens and provide timely, actionable requirements and recommendations.
- Automation & Infrastructure
- Design, implement, and manage security within infrastructure using Infrastructure as Code (IaC) tools, such as Terraform, to ensure secure and scalable cloud deployments.
- Provide guidance and/or implementation for automating security checks within CI/CD pipelines, such as using SCA, SAST, and DAST tools.
- Work with other teams to ensure security is integrated at every phase of the software and infrastructure lifecycle.
- Leadership & Collaboration
- Act as a security evangelist, promoting a culture of security awareness and best practices across the organization.
- Develop and lead security training programs and exercises for various teams and departments (such as onboarding training, phishing simulations, tabletops, etc).
- Collaborate directly with IT to ensure security controls are consistently applied and maintained across all company hardware and software.
A little more about you:
- Bachelor's degree in computer science, Information Security, or a related field
- 7+ years of experience in public cloud security
- Strong knowledge of AWS, especially IAM and AWS Well-Architected Framework
- Hands-on experience with Infrastructure as Code (IaC) tools, such as Terraform or Ansible
- Knowledge of security technologies such as firewalls, intrusion detection/prevention systems, WAFs, and data encryption solutions
- Familiarity with compliance frameworks and regulations such as ISO 27001, NIST CSF, SOC 2, HIPAA, etc
- Excellent communication, leadership, and policy-writing skills
What we have to offer:
- Flexible PTO
- Medical, dental, & vision insurance
- Life insurance and disability benefits
- 401K, HSA, pre-tax savings programs
- New equipment setup provided
- Wellness programs
- Tenure recognition
- Diverse family forming benefits through Carrot Fertility
Gametime is committed to bringing together individuals from different backgrounds and perspectives. We strive to create an inclusive environment where everyone can thrive, feel a sense of belonging, and do great work together. As an equal opportunity employer, we prohibit any unlawful discrimination against a job applicant on the basis of their race, color, religion, veteran status, sex, parental status, gender identity or expression, transgender status, sexual orientation, national origin, age, disability or genetic information. We respect the laws enforced by the EEOC and are dedicated to going above and beyond in fostering diversity across our company.