Senior Information Security Engineer

About White Hat Gaming

White Hat Gaming is a state-of-the-art iGaming platform providing a secure, scalable and flexible modular Casino and Sportsbook Player Account Management solution.

We offer operators choice, from our proprietary Player Account Management (PAM) to a full white-label solution. WHG provides market-leading content including Kambi Sportsbook, CRM tools, all payment options, and more than 3000 games from 120 leading games providers.

With over 500 talented colleagues from around the world, we offer a dynamic, collaborative environment where your ideas can flourish alongside industry leaders. Join us and be at the forefront of iGaming innovation!

In Summary:

WHG is seeking a highly skilled and experienced Senior Information Security Engineer to join our fast-growing company. This role is perfect for a senior-level professional who thrives in a fast-paced environment and has a proven track record in cybersecurity, particularly within the online gambling or financial services industries. The ideal candidate will have a deep understanding of security best practices, vulnerability management, and compliance standards like PCI DSS, ISO27001 and SOC 2.

Your day to day:

As a Senior Information Security Engineer, you will be a key leader in our security team. You'll be responsible for maturing our security posture, leading initiatives, and mentoring team members. Your responsibilities will include:

• Collaborating on external security audits, with a specific focus on PCI DSS audits, and supporting the compliance team with data, solutions, and remediation efforts.
• Collaborating and overseeing vulnerability and penetration tests conducted by trusted suppliers. You will be the primary point of contact for understanding test outcomes and working directly with compliance, development, infrastructure, and SRE teams to ensure the timely resolution of all identified issues.
• Manages and continuously improves the organisation's vulnerability and patch management program, including vulnerability scanning, assessment, prioritisation, remediation tracking, and patch deployment across all relevant systems and applications.
• Designing, implementing, and monitoring security metrics to proactively identify and address potential security issues.
• Leading investigations into security incidents and possible breaches, conducting root cause analysis, and developing solutions to prevent recurrence.
• Collaborating closely with the SRE team to identify and eliminate weaknesses in our infrastructure, with a strong focus on both Cloud-based (AWS) security.
• Driving the design and implementation of security automation and tooling to enhance security across the entire business.
• Leading architectural design discussions to ensure secure practices and tools are integrated into all new projects and systems from the ground up.
• Guiding business projects to ensure information security is a foundational consideration throughout the entire project lifecycle.
• Creating and maintaining comprehensive technical process and procedure documentation.
• Mentor junior security staff and share your expertise to help grow the team's capabilities.
• Staying current on new and emerging security trends, threats, and industry standards.
  

What we are looking for:

• Extensive experience in information security, with a proven track record in a senior-level role.
• Significant experience in the online gambling or financial services industry is highly beneficial.
• Deep, hands-on experience with PCI DSS audits and compliance.
• A thorough understanding of penetration tests, vulnerability assessments, and security tooling.
• Strong knowledge of both Cloud-based (AWS) infrastructure and on-premise security requirements.
• Experience with internal scanning and vulnerability management processes.
• CISSP. CompTIA PenTest+, Enterprise Vulnerability Assessor Qualification, Security Certified Professional, or Certified Ethical Hacker certification is highly desirable.
• Excellent communication skills, with the ability to articulate complex security concepts to both technical and non-technical stakeholders.
• Proven ability to work in a fast-paced environment and adapt to changing priorities.
  

How we approach things:

• Dynamic Medium-Sized Environment: We have a can-do ethos, where innovation is encouraged, and action is valued.
• Core Values at Heart: We live by Teamwork, Innovation, Trust, and Integrity in everything we do.
• Results-Oriented Focus: We prioritize getting things done while supporting each other to reach both collective and individual goals.
• Open Collaboration: Our open-door policy fosters collaboration across all levels and departments, where ideas flow freely.
• Global Team: We are truly a global team with people from various counties and cultures contributing to our success.

What we offer:

• A remote and flexible working schedule. 
• Generous time off varied based on the country of residence.
• Discretionary annual performance bonus
• Training and other learning & development opportunities to support you through your career progression.
• Hardware & Software allowance or work equipment is provided to make sure you have all the right tools to get the job done.
• Various well-being programmes and initiatives.

Everything about WHG won't fit into a job ad, want to find out more about working with us? Apply to get the conversation started. 

We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, gender, disability, religion/belief, sexual orientation, or age.

By submitting your application, you agree that we process your data in accordance with our Privacy Policy for the management of your candidature to any of the positions we offer.