Senior Security Engineer
Jackpocket is the first mobile lottery app in the U.S. that offers players a secure way to order official state lottery tickets, such as Powerball, Mega Millions, and more, via their smartphones. We're creating a more convenient, fun, and responsible way to play the lottery by modernizing the $300B global lottery market with a mobile platform that everyone, including grandma, can feel good about.
Jackpocket is looking for an experienced self-driven Senior Security Engineer that can help the company tighten up its security as it continues to grow into new markets. This is the first position of its kind at Jackpocket. You’ll be tasked with leading the charge when it comes to information security, cyber attack risk assessment and prevention, endpoint security as well as buttoning up existing development processes. This is the perfect position for someone with a lot of experience that would like to put their skills to their full potential and make real impactful changes early on in the company’s life.
Responsibilities
- Work alongside Developers and DevOps to ensure that system security is properly taken into account
- Introduce and implement security controls and counter-measures across the entire Jackpocket infrastructure. This includes:
- Protecting services like Databases, Caching layers, Networking, and Internal networks
- Utilize existing cloud services IAM and policies
- Work with Google Cloud Security Command Center and implement their best practices
- Help build a monitoring solution to detect threats, and suspicious activity
- Provide security insight and expertise to all Jackpocket employees
- Work with the exec team, compliance, and tech to implement regulation requirements
- Document security guidelines and policies
Qualifications
- 6+ years of work as a Security Engineer or a comparable position
- Deep knowledge and experience with Linux systems
- Proven track record implementing security at companies
- Administered IAM, security on AWS or GCP
- Knowledge of network security
- 3+ years of cyber security experience
- Experience with PCI, SOC compliance, and privacy regulations
- One or multiple certificates such as CISSP, CISM, Sec+
Bonus
- Kubernetes experience
- Worked with Ruby on Rails
- Managed security for a GCP infrastructure
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.