We are seeking a Senior Information Security Engineer to join the Enterprise Security Engineering team within IT Security at ZeniMax. Your primary responsibilities will include providing tailored security consulting and engineering to our IT partners, studios, and users. You will help architect layered security solutions for Global IT systems and ensure stability and reliability of the security infrastructure. Our environment comprises both on-premises and cloud solutions, and the ideal candidate will apply their talents to both. Must be able to mentor the team and possess the ability to communicate with a diverse array of audiences. Responsibilities
- Support development and execution of the company's overall Information Security strategy.
- Architect, design, implement, and maintain information security controls and countermeasures.
- Develop technical solutions and evaluate new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
- Support and coordinate risk assessments and security evaluations for vendors deploying solutions either on premise or in the cloud.
- Review cloud architecture and advise development teams on robust Security Design principles.
- Identify risks and challenges to cloud architecture designs prior to system or feature deployment.
- Perform engineering, tuning, and provide guidance of network security controls, including IDS/IPS, Web Filtering, Cloud Technologies, Email/Spam, and Firewalls.
- Engineer, implement, and monitor security measures for mobile and endpoint hardening, cloud infrastructure and applications.
- Create and maintain documentation for Information Security processes and procedures.
- Provide guidance for security remediation to business and IT partners.
- Provide guidance and engineering assistance to junior security engineers.
- 5+ years of experience in an information security role.
- Experience implementing and supporting security solutions.
- Experience on Cloud Security & Governance practices and frameworks.
- Strong knowledge of network and infrastructure security architecture.
- Experience working with Linux and Windows operating systems.
- Hands-on experience securing infrastructure hosted on cloud service providers such as Azure, AWS, and Google Cloud Platform.
- Industry certifications preferred: Security+, GSEC, GCED, CEH, CCSP, CISSP
- Cloud Certifications: AZ-500, MS-500, AZ-104
- Experience with Identity and Access Management controls.
- Confidence in asking difficult questions and challenging your team and dependencies while being highly collaborative and open to input.
- Strong passion for information security.
- Experience with SIEM, Email security gateways, EDR solutions.
- Experience working with Agile/Scrum methodologies.
We embrace diversity, equity, and inclusion in everything we do - from recruiting for our studios, publishing and operations to fostering safe and respectful workplaces that encourage collaboration. Our culture is based on principles of respect, inclusion, and fair treatment and we welcome anyone into our family without regard to race, religion, gender identity, sexual orientation, or age.
Our diversity fuels our innovation and inspires us to create game worlds that bring us closer to the global community of players we serve.