Product Security Engineer

Come on board with Neo Group! Here's your chance to join great company with amazing products. We're not just expanding; we're revolutionizing the entire game, mastering profitability with every new venture. But you know what truly fuels our drive? It's people like you. Join us as we embark on a journey to redefine gaming on a global scale.

Neo Group is on the lookout for a Senior Product Security Engineer to join our Engineering Team.

Responsibilities:

• Provide expert security guidance throughout all phases of the Software Development Life Cycle (SDLC) to product development teams and business leaders.
• Lead secure SDLC initiatives, including reviewing system architectures, supporting automated security tools, and conducting threat modeling and penetration testing.
• Manage the Vulnerability Management process: identify, triage, and oversee the resolution of security vulnerabilities.
• Design, build, automate, and maintain a suite of internal security tools to support ongoing security operations.
• Perform technical security reviews and analyses of proposed technical solutions to determine security impact and recommend security controls.
• Conduct independent internal reviews of security controls and information systems to ensure compliance with established policies and best practices.
• Provide clear and detailed overviews of the audit process, executing cybersecurity audits across various company departments.
• Write comprehensive reports for stakeholders, explaining security processes and recommendations in accessible language.
• Develop and monitor key security metrics to assess the effectiveness of security measures implemented.

Requirements:

• Proven experience in conducting penetration testing and scoping security tests for various services.
• Hands-on experience facilitating threat modeling sessions with engineering and product teams.
• Knowledge of selecting, implementing, and maintaining advanced security products and services.
• Proficiency in automation scripting with popular languages such as Python, PowerShell, Ruby, or similar.
• Solid understanding of cryptography, authentication, and authorization protocols.
• Experience in managing security incidents, including developing incident response strategies, conducting post-mortem analysis, and implementing preventative measures.
• Strong collaboration and communication skills, capable of explaining complex security issues to non-technical stakeholders.
• Commitment to continuous professional development in the cybersecurity field.

Desirable Skills:

• Problem-solving aptitude and ability to adapt to rapidly changing technology landscapes.
• Team-oriented mindset with strong interpersonal skills to foster collaboration across various departments.
• Familiarity with key security standards and regulatory requirements (e.g., ISO 27001, NIST frameworks, GDPR, HIPAA) relevant to the industry.

Benefits:

• Recharge your batteries with 20 paid working vacation days annually to explore, relax, and rejuvenate.
• Rest easy with comprehensive medical insurance coverage for employees.
• Stay active and healthy with a monthly sports allowance to support your fitness goals.
• Enhance your language skills with English lessons facilitated by experienced tutors.
• Stay ahead in your field with access to conferences and professional literature to fuel your growth.
• Boost your energy and morale with complimentary snacks available in the office.
• Foster camaraderie and celebrate achievements through engaging in corporate events throughout the year.