Security Engineer
We’re reimagining sports and technology.
DraftKings is bringing sports fans closer to the games they love and becoming an essential part of their experience in the process. An industry pioneer since our founding in 2012, we believe we can continue to define what it means to be a technology company in sports entertainment. We love what we do and we think you will too.
The strategy behind the game.
As a member of the Information Security Team, you’ll be continuously attacking and defending the DraftKings web applications, cloud environments, and networks to ensure security for our customers and employees. Our team consists of forward-thinking individuals who want to disrupt the traditional mold through progressive design, automation, and system implementation practices.
What you’ll do as a Security Engineer:
- Test defensive controls and security response at DraftKings.
- Triage information security alerts and take appropriate action when real threats are discovered.
- Design and audit cloud security solutions to enable production security operations.
- Coordinate with IT, site reliability, and engineering teams to track and ensure security findings get resolved in a timely manner.
- Research, design, and advocate new technologies, architectures, and security products that will support security requirements for the cloud and cloud-enabled products.
- Assist in penetration tests against the DraftKings web application and DK office networks to continuously find and remediate security issues.
What skills you will need:
- Thorough understanding of core Information Security principles such as CIA triad, malware, vulnerabilities, exploits, attacks, firewalls, intrusion detection/prevention systems, etc.
- Scripting or development experience in either Python, Ruby, PowerShell, C#/.Net, etc., and extensive operations experience in either Linux or Windows operating systems.
- Experience in securing on-premise IT assets, office networks and also cloud infrastructure.
- Cloud computing experience (preferable AWS).
- Knowledge of Web app vulnerabilities (preferably OWASP Top 10). Web app penetration testing using tools such as Nikto, Sqlmap, Burp Suite is a plus.
- A 4-year degree in Information Security (or equivalent field).
- Experience with NIST Special Publication 800-series is a plus.
Who are we a good fit for?
We love working with talented people but more than that, we seek out compassionate co-workers with a collaborative spirit. Our work moves quickly and we’re great at coming together to find creative solutions to some of tech’s most interesting problems. If that sounds good to you, join us.
Apply now
We’re proud to believe that your gender, race, nationality, religion, sexual orientation, status as a protected veteran, or status as an individual with a disability should have nothing to do with our hiring practices. We’ll never discriminate against anyone’s background or creed. If you’re good at what you do, we want you to do it at DraftKings.