Who we are
The Workshop is a tech company that develops intuitive software for the online gaming industry. Our motto is to move “Fearlessly Forward” together. Cooperative innovation is at the center of everything we do – from our games, new products and technologies, to how we collaborate and share inspiration with one another.
Your Mission
We are looking for a passionate Cyber Security Vulnerability Engineer to act as a conduit between the infrastructure teams that support and administer the IT Infrastructure and the Cyber Security Team. Primary responsibilities of the role will be prioritized remediation of vulnerabilities and onboarding of assets into the VM solution.
You will work on vulnerability scans, analysis, and reporting to support the Vulnerability Management program across assets globally. You will deploy and operate vulnerability detection and remediation capabilities in both our on-premise and cloud environments.
You will have the opportunity to drive fundamental change, through a necessity to get involved with and influence myriad projects, programs, and initiatives across the group, as well as within the Cyber Security team.
What you’ll do
- Collaborating with the wider Information Technology Group teams to remediate vulnerabilities at scale
- Articulate the security and business risk for vulnerabilities that can’t be immediately resolved.
- Provide pragmatic and proportionate guidance to mitigate security risk when It’s not possible to patch a vulnerability immediately.
- Provide cybersecurity technical expertise for technology solutions.
- Collaborate with stakeholders on requests for new and changing technology solutions, acting as a trusted business partner and advisor.
- Provide technical expertise to drive vulnerability remediation on existing IT platforms.
- Create technical guidance and instructions for Engineers implementing security fixes.
- Lead the review of security vulnerabilities across a variety of technologies and environments to determine high risk vulnerabilities to business assets
- Provides expert level analysis/validation of remediation actions taken, opportunities for improvements and out of the box thinking for optimizations and solving road blocks
- Identify attack surface reduction opportunities via vulnerability data analysis, trends and asset metadata review as well as collaboration with threat intelligence and technology management
- Actively participate in our cross functional security expert’s community
- Create and present findings on cyber-security threats, attacks, incidents, and other indicators of Cyber Security issues.
- Assessing and reporting the organisation’s risk exposure and measuring the variety of parameters which make up said risk.
- Optimising and automating repetitive tasks. Constantly seeking to improve how we operate, from daily tasks to fundamental domain constructs.
- Participating in knowledge sharing with other Engineers and subject matter experts to continuously develop solutions and improvement opportunities.
What you’ll bring:
- An inquisitive nature and a problem-solving approach.
- A record of complex business engagement and delivery.
- A commanding voice and fresh ideas.
- A thirst for learning and a willingness to challenge how things are done when opportunity to improve is available.
- In-depth knowledge of cyber-security concepts and technologies.
- An enthusiastic and ambitious attitude.
- A drive to figure things out from your own initiative.
- A people first approach.
Some useful skills and/or knowledge areas:
- Hands-on experience with endpoint and server vulnerability remediation with technical understanding and experience assessing vulnerabilities and identifying weaknesses in multiple operating system platforms and applications.
- Understanding of a variety of technical concepts such as: Networking, systems administration, application development, DevSecOps and cloud infrastructure development environments
- Experience using vulnerability assessment tools.
- Understanding of threat actors (how they operate and how they subvert common security controls)
- Knowledge of network services, vulnerabilities, attacks and application exploits.
- Understanding of system deployment and configuration technologies, implementing in a highly secure environment.
- Experience in enterprise management & configuration of Windows & Mac operating systems
- Mobile Device Management (MDM) experience
- Active Directory expertise
- Validate proper mitigation controls are in place until remediation activities are complete.
- Benchmark golden images to ensure compliance with industry standards.
- Maintain patch and vulnerability management best practices to protect against the exploitation of known/detected vulnerabilities.
What’s in it for you
- Inspiring and fulfilling work at an innovative and values-driven company creating cutting-edge tech
- Attractive salary and customisable benefits package
- Flexible working hours and ways of working
- Contemporary and accessible office environments with a range of workplace perks
- Six weeks’ paid leave for every four years of service
- Relocation package for you and your family including soft-landing package services to help you settle in (applicable in Spain, if you are moving from a different city/country)
- Being part of a team with a forward-looking, international mindset and agile working practices
- A friendly, inclusive and multicultural environment (we are made up of over 35 nationalities, speaking almost 30 languages)
- Wellbeing programmes, learning and personal growth opportunities
- A range of employee events throughout the year, including team building activities, Learning Labs, Hackathons and Designathons
- Opportunities to shape the tech community within and outside of the company, through mentoring and knowledge-sharing
Our values
We understand that great ideas come from great people, and great people thrive when they’re trusted to challenge, change, improve, and perfect our products and processes. Our forte lies in the diversity of our skills – and that comes from the diversity of our people.
We are committed to being a diverse and inclusive workplace, where we all learn together, trust each other, and value collaboration. We welcome candidates of all genders, gender identity and expression, sexual orientation, disability, physical appearance, body size, race, age, nationality, belief (or lack thereof), and programming language preference. As an equal opportunity employer, we offer a friendly, supportive working environment for all. It’s a place where you can try new ideas, take risks, and enjoy the support to move Fearlessly Forward.