Security Engineer at DraftKings
What you’ll do as a Security Engineer:
- Test defensive controls and security response at DraftKings.
- Triage information security alerts and take appropriate action when real threats are discovered.
- Design and audit cloud security solutions to enable production security operations.
- Coordinate with IT, site reliability, and engineering teams to track and ensure security findings get resolved in a timely manner.
- Research, design, and advocate new technologies, architectures, and security products that will support security requirements for the cloud and cloud-enabled products.
- Assist in penetration tests against the DraftKings web application and DK office networks to continuously find and remediate security issues.
What skills you will need:
- Thorough understanding of core Information Security principles such as CIA triad, malware, vulnerabilities, exploits, attacks, firewalls, intrusion detection/prevention systems, etc.
- Scripting or development experience in either Python, Ruby, PowerShell, C#/.Net, etc., and extensive operations experience in either Linux or Windows operating systems.
- Experience in securing on-premise IT assets, office networks and also cloud infrastructure.
- Cloud computing experience (preferable AWS).
- Knowledge of Web app vulnerabilities (preferably OWASP Top 10). Web app penetration testing using tools such as Nikto, Sqlmap, Burp Suite is a plus.
- A 4-year degree in Information Security (or equivalent field).
- Experience with NIST Special Publication 800-series is a plus.