Senior Security Engineer (Remote)
Department : Engineering
Employment Type : Full Time
Rivalry has been pushing the boundaries on what an esports betting product can be, and we’ve been doing it well. As our user base grows and we enter new global regions, the demand to create new and better products is increasing.
We're focused on having the best product in the gambling space. We aren’t willing to accept being marginally better.
As the highest engaged esports betting brand in the world we’re now looking to step things up, and that’s where we’re looking at you, Security Engineer, to join the team in helping build the best esports brand in the world.
Does that sound fun? Keep reading!
This is a senior role working alongside the current software engineering team; however, you will also work alongside both experienced and junior developers, as well as various other disciplines in order to share and learn from one another as well as lead projects yourself.
The Security Engineer will be responsible for developing, deploying, and maintaining effective solutions to increase the overall security of Rivalry's products, systems, and data.
In this role, you will work closely with our CTO while being the primary expert and point of contact for all things security.
You will be responsible for leveraging existing solutions and creating innovations to detect and address security incidents, as well as strengthening existing infrastructure to prevent future cybersecurity events.
In essence, the Security Engineer will lead all security initiatives, while identifying and driving the end-to-end remediation of discovered or potential security vulnerabilities.
You will work with product development teams throughout their development cycle, integrating security and educating along the way.
Overall, you will be responsible for access controls, data security, secrets management, and related systems / services within Rivalry's production environment.
We pride ourselves on keeping up with a modern stack, focusing both on web performance and developer quality of life. We work where we get our best work done.
Be it in our Toronto office, remote or a hybrid of both. We're still a team that Pair Programs often, holds regular standups and plays games together regularly.
We are a rapidly changing organization and are always open to discuss what we're focusing on and how we're getting there.
We expect that you'll be a part of our feature planning, as well as helping vet our implementation options.
You will also be a part of
Mentor team members on secure coding practices with a singular focus for the sprint, where you can report back to the CTO.
Provide leadership and direction in the innovation of bleeding-edge security technologies and utilizing a risk-based approach to properly test and introduce them into the overall environment.
Instill a culture that works toward the highest standards in security while ensuring that business requirements are understood and adhered to.
Participate in architecture and security code reviews, providing feedback and direction to others with security as your primary focus.
Review development frameworks and support engineering by designing and implementing fixes for identified vulnerabilities, and security specific automated testing.
Brainstorming sessions where you will contribute ideas for future features and products.
Sprint Planning, where you will break down large epics into smaller actionable tasks with details.
Pair Programming over Tuple, providing support to team members.
Provide technical deep understanding of security systems at different layers, such as network, cloud, endpoint, advanced malware defense, data security etc.
Prototyping concepts as a part of idea exploration.
Skills, knowledge and expertise
Our challenges involve consuming disparate data sources and transforming the data into usable normalized data sets to be actioned within our application.
For instance, we have many sources of data for matches and odds. We need to take these data sources and transform them into a normalized set of matches and data.
Each provider has its own scheme for organizing data. Additionally, we are always looking to optimize the real-time notifications of odds to users through web sockets and push notifications.
Our core platform has a lot of the same challenges that a forex or stock trading system would have.
On a more technical level, your job will be to architect, develop and maintain our application code. You will also be well versed in understanding and explaining internet security issues and / or mobile security issues.
Experience with high concurrency systems, load balanced applications, role-based access control systems, geographic and data residency patterns, clean tested code, performance optimization and instrumentation are very important for success in this role.
You should have a strong understanding (4 or more years experience) of one or more of the following :
Relevant experience as an Software Engineer, Software Architect, DevOps, DevSecOps or Systems Engineer with a passion for security
Proven development background in any programming language : PHP, NodeJS, Rails, Python, Java, Perl. Scala, C++ etc.
You feel comfortable diving into existing code and interacting with developers at all levels of seniority
Ability to conduct code reviews and provide advice on secure product design
Extensive knowledge of some or all of the following : Docker / Containerization, Kubernetes, Security Design, Queuing, Automated testing, Data pipelines
Proven track record of shipping products in an iterative manner
A commitment and drive for quality, technical excellence and results
Knowledge of cryptography and data security standards
Understanding of Integration Security concepts like Mutual Authentication, Open SSO, SAML, OAUTH, Kerberos, JSON Web Token(JWT)
Bonus points :
One or more of the following security certifications : GIAC, CISSP, CISM
Our stack is a makeup of
Laravel (backend API)
NodeJS (microservices and frontend)
Websockets (Extensive use of pusher)
Why work here
We offer a competitive salary and total rewards package including a comprehensive benefits package and stock options (we believe it's important for everyone on our team to own a piece of the company and share in our success).
A chance to work in one of the most exciting and rapidly growing industries.
Work with an extremely talented team who share a love for video games and esports on truly innovative projects; we’re not your typical online gambling site - we’re a tech company first, and a gambling company second.
Work where you get your best work done. Whether that’s in an office (when it’s safe enough) or in the comfort of your own home.
Our offices are located in Toronto, but a large portion of our company works remotely across 17 different countries.
Free video games! Every Rivalry employee gets a monthly stipend.