Information Security Engineer

We consistently top the charts as one of if not the most used Sports Betting website in the countries we operate in.

With millions of weekly active users we strive to be the best in industry for our users.

In this role you will Engineer implement and monitor security measures for the protection of our computer systems applications and infrastructure such as WAF DDoS DNS Networking VPN etc. We are looking for a capable team member who enjoys security work and possesses both deep and wide expertise in the security space.

Our Stack

Languages: Python AWS Lambda

Networking: AWS Cloud AWS Global Accelerator PFSense OpenWRT

VPN: IPSec L2TP OpenVPN Wireguard Zerotier

Computing & Storage: AWS EC2 AWS VPC AWS EBS S3

Monitoring: AWS Cloudwatch

Logging: ELK OpenSearch

CDN: CloudFront Cloudflare

WAF: AWS WAF Cloudflare

DDoS Protection: AWS Shield Cloudflare

Tools: Kali Linux MobSF Frida Metasploit WireShark BurpSuite NMAP etc

Responsibilities

Work directly with the project teams to facilitate building secure workflows processes systems and services

Develop best practices and security standards for the organisation

Understand software infrastructure and internet needs and adjust them according to the business environment

Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks

Ensure the organisation knows as much as possible as quickly as possible about security incidents

Write comprehensive reports including assessment-based findings outcomes and propositions for further system security enhancement

Find cost-effective solutions to cybersecurity problems

Conduct the internal/external security test/audit on our service application and infrastructure

Assist fellow Team Members with cybersecurity software hardware or infrastructure needs

Requirements

3+ years' experience of working as a Security Engineer or other relevant position

Basic coding skills such as HTML CSS Shell Script Python and other languages

In-depth knowledge of database and operating system security

Ability to discover and identify  SQLi XSS CSRF SSRF authentication and authorisation flaws and other web-based security vulnerabilities (OWASP Top 10 and beyond)

Knowledge of common authentication technologies including OAuth SAML CAs OTP/TOTP

Knowledge of browser-based security controls such as CSP HSTS XFO

Experience with standard web application security tools (Arachni BurpSuite)

An understanding of best practices and how to implement them at a business-wide level

Hands-on experience in security systems including firewalls intrusion detection systems anti-virus software authentication systems log management content filtering

Hands-on experience in network security and networking technologies and with system٫ security and network monitoring tools

Fluency in English written and spoken

Beneficial

CyberSecurity certifications such as CISSP CISA/CISM CompTIA Security+ CEH or GSEC would be beneficial

Certifications such as  PMP ISO 27001 LA would be beneficial

Benefits

Quarterly bonuses

We have core hours of 10am-3pm in a local timezone but flexible hours outside of this

Top-of-the-line equipment

Referral bonuses

28 days paid annual leave

Annual company retreat

Highly talented dependable co-workers in a global multicultural organisation

Payment via DEEL a world class online wallet system

Our teams are small enough for you to be impactful

Our business is globally established and successful offering stability and security to our Team Members

Our Mission

Our mission is to be an everyday entertainment platform for everyone

Our Operating Principles

1. Create Value for Users

2. Act in the Long-Term Interests of Sporty

3. Focus on Product Improvements & Innovation

4. Be Responsible

5. Preserve Integrity & Honesty

6. Respect Confidentiality & Privacy

7. Ensure Stability Security & Scalability

8. Work Hard with Passion & Pride

Interview Process

Online HackerRank Test (Max time of 90 Minutes)

Remote video screening with our Talent Acquisition Team

Remote video interview with 3 x Team Members (45 mins each not separate days)

24-72 hour feedback loops throughout process

Post Interview Process

Feedback call on successful interview

Offer released followed by contract

ID Check Via Zinc & 2 references from previous employers

Working at Sporty

The top-down mentality at Sporty is high performance based meaning we trust you to do your job with an emphasis on support to help you achieve grow and de-block any issues when they're in your way.

Generally employees can choose their own hours as long as they are collaborating and doing stand-ups etc. The emphasis is really on results.

As we are a highly structured and established company we are able to offer the security and support of a global business with the allure of a startup environment. Sporty is independently managed and financed meaning we don’t have arbitrary shareholder or VC targets to cater to.

We literally build spend and make decisions based on the ethos of building THE best platform of its kind. We are truly a tech company to the core and take excellent care of our Team Members.