About the role 

Fortis Games is hiring for a Staff Security Operations Engineer to implement threat detection signals, deploy new tooling, and improve response capabilities.

​​What you will achieve

• Incident Response: Respond promptly to security incidents, conduct investigations, and implement remediation actions to mitigate risks and minimize impact.
• Penetration Testing: Perform regular penetration tests and vulnerability assessments on Fortis' game builds, infrastructure, and applications to identify weaknesses and recommend security enhancements.
• Threat Detection and Monitoring: Utilize tools and technologies to monitor for security threats, analyze security events and alerts, and take proactive measures to defend against potential attacks.
• Endpoint Security Management: Manage and configure endpoint security solutions, such as Crowdstrike Falcon, to protect Fortis' devices and endpoints from malware, exploits, and other threats.
• SIEM Implementation: Build and maintain SIEM systems to centralize and analyze security event data, identify patterns and anomalies, and facilitate effective incident response.
• Forensic Analysis: Conduct forensic analysis of security incidents, collect and preserve evidence, and provide detailed reports and findings to support incident investigations.
• Security Assessments: Conduct security assessments and audits of Fortis' games and infrastructure to identify compliance gaps and security vulnerabilities.
• Coordinate with IT operations, Game Development teams on implementation and support of the Incident Response processes
• Severity Triage and Remediation: Understand and categorize security incidents based on severity levels, prioritize response efforts accordingly, and implement remediation actions to address each incident's impact.

What you will need to be successful 

• 5+ years of experience in security operations, incident response, or related roles.
• Strong knowledge of cybersecurity principles, practices, and frameworks (e.g., NIST 800-53, ISO 27001).
• Hands-on experience with penetration testing tools and techniques.
• Familiarity in AWS cloud security, including IAM, VPC, and S3 security controls.
• Proficiency with enterprise security solutions (EDR, MDM, SAST, SIEM, etc.,)
• Experience building and maintaining SIEM systems for security event management and analysis.
• Understanding of security assessments, GRC frameworks, and regulatory compliance requirements.
• Ability to conduct forensic analysis
• Excellent analytical and problem-solving skills, with the ability to troubleshoot complex security issues.
• Strong communication and collaboration skills, with the ability to work effectively in a team environment.
• Prefer Bachelor's degree in Computer Science, Information Security, or related field (or equivalent work experience).
• Prefer CISSP, CISM, or OSCP