Information Security Engineer

About YSI

Yellow Social Interactive is a dynamic and innovative leader in the social gaming industry, dedicated to creating engaging and interactive experiences across various platforms. Our commitment to excellence and creativity sets us apart in the market.

We seek exceptional, talented individuals who aim for excellence. With offices in Gibraltar, Antigua, and bases in Malta and the Philippines, plus a global remote team, we welcome motivated people capable of building and scaling business functions.

Job Purpose

As an Information Security Engineer, you will be instrumental in safeguarding our organisation’s network infrastructure, applications, and data. Your primary responsibility will be to implement and maintain robust security measures to protect against potential threats. You will collaborate closely with cross-functional teams to deploy secure solutions aligned with the latest security trends and industry best practices.

Areas of Responsibility

• Conduct and participate in security assessments and architecture reviews for both corporate and cloud infrastructure (e.g., GCP), ensuring alignment with internal policies and industry standards.
• Continuously monitor network and cloud activity using SIEM and threat detection tools (e.g., Splunk, Wazuh, Orca Security) to detect anomalies and proactively respond to potential threats.
• Regularly assess, upgrade, and fine-tune security technologies and configurations (e.g., Zscaler policies, firewall rules, endpoint tools like NinjaOne) to stay ahead of emerging threats and maintain a strong security posture.
• Assist in the design and documentation of security workflows, such as vulnerability management, incident response, and access reviews, ensuring clarity, scalability, and alignment with business operations.
• Write and maintain security policies, standards, procedures, and frameworks, supporting both operational and compliance requirements (e.g., ISO 27001, PCI-DSS).
• Provide clear and timely communication regarding IT/security system statuses, including scheduled changes, downtime, and incident updates.
• Support and participate in security incident response, including investigation, root cause analysis, remediation recommendations, and post-incident documentation.
• Conduct security and risk reviews for third-party integrations, CASB/SASE implementations (e.g., Zscaler, Cato), and internal projects to ensure proper controls are in place.
• Configure, manage, and optimise firewall solutions (e.g., Checkpoint, Palo Alto) and cloud security controls to protect network boundaries and enforce segmentation.
• Implement, monitor, and manage endpoint security measures, including patching, device hardening, and use of platforms like JumpCloud, OneLogin, or NinjaOne.
• Support the IT asset management process, ensuring that all hardware, software, and security assets are tracked, classified, and adequately protected.
• Develop and maintain security metrics, dashboards, and reports, providing insight into the effectiveness of controls, trends, and areas for improvement.
• Collaborate cross-functionally with IT, and business units, bringing a security lens to shared initiatives while enabling practical, well-communicated solutions.

Requirements

• Minimum 3 years of experience in a similar role.
• Proven hands-on experience as a Security Engineer or Information Security Engineer.
• Strong interest in information security, cloud infrastructure, and security technologies.
• Solid understanding of security principles, protocols, and technologies, with practical, hands-on experience in network, endpoint, and application security tools.
• Demonstrated experience with cloud security best practices, particularly within Google Cloud Platform, and familiarity with AWS and Azure.
• Proficient in using and managing SIEM tools such as Splunk, ELK, or Wazuh for security monitoring and incident investigation.
• Hands-on experience with firewalls and threat protection systems, particularly Checkpoint and Palo Alto.
• Experience with CASB solutions and SASE/SSE platforms such as Zscaler, Cato Networks, Prisma Access, or Perimeter81.
• Familiarity with vulnerability management and compliance tools like Tenable, Orca Security, and asset management platforms.
• Working knowledge of Identity and Access Management (IAM) solutions, such as OneLogin or Okta.
• Experience supporting or integrating with IT management tools for endpoint visibility and automation.
• Excellent problem-solving and analytical skills, with a strong attention to detail.
• Strong communication and collaboration skills, enabling effective work with cross-functional teams.

Desirable

• Experience with Apple MDM platforms (e.g., Jamf, Kandji) and endpoint management.
• Solid understanding of Google Workspace, especially security and configuration.
• Familiarity with Jira and Confluence for ticketing, documentation, and tracking.
• Exposure to change management and ITIL best practices.
• Strong analytical and problem-solving skills.
• Experience in project management and working in cross-functional teams.
• Detail-oriented, disciplined, and a collaborative team player with strong interpersonal skills.

• Competitive salary
• Private Health Insurance
• Flexibility to work remotely on occasion
• Training & Opportunities for professional development
• Dynamic and collaborative work environment
• Performance Bonus

Join our team and contribute to creating a vibrant and supportive social gaming community! If you are a proactive and player-focused professional, apply now and be part of our mission to provide exceptional player experiences.