Director of Security

At EFG (ESL FACEIT Group) we create worlds beyond gameplay where players and fans become a community. We pride ourselves in having a corporate social responsibility which is that “IT’S NOT GG (Good Game), UNTIL IT’S GG FOR ALL”. We are passionate about the culture we foster that ultimately helps to create and shape the world of esports, gaming tournaments, leagues, events and holistic ecosystems staged for our millions of players, fans, and heroes.

The goal of the Technology team is to establish the best tech platform in the gaming industry. They oversee all product-related technology within EFG, including scouting for innovative tech solutions, designing architectural frameworks, implementing best practices, devising effective tech strategies, fostering partnerships, and implementing seamless integrations

As the Director of Security, your overarching purpose is to ensure the safety, integrity, and resilience of our company's assets, personnel, and operations. You will lead the development, implementation, and continuous improvement of information security strategies, policies, and procedures to mitigate risks and safeguard against internal and external threats. Your role is pivotal in fostering a culture of security awareness and compliance throughout the company while maintaining alignment with industry best practices and regulatory requirements.

What you will do:

• You will create, be part of, and grow the team responsible for the security process across the EFG organization covering the Digital Platform and in the future our Esports business.
• Help us, hands on, in building and improving our security foundations including product security, cloud infrastructure, network security, device security and security automation, amongst other aspects critical to the security of the product and our players/community.
• Investigate and manage the resolution of any security incidents while remaining calm and being the rational voice to help guide the whole team when critical issues arise.
• With a product focus, identify improvements that drive efficiency and make it easier to achieve “secure by default/design” including security strategy, prioritization and planning.
• Develop and implement risk assessment and threat modeling to help us identify areas of focus and ensure that resources are effectively directed to addressing them.
• Own governance, ensure compliance with internal security policies and applicable laws and regulations, design and operate our compliance monitoring and improvement process and ensure that we report effectively and regularly.
• Act as a representative for the company and its security posture with auditors and other third-parties.
• Assist with the overall business technology planning, providing a future vision of technology and systems with security in mind.
• Be responsible for establishing and owning the security budget within the company.

Requirements

• Proven experience in a security leadership role at a tech-focused company
• Experience in developing and managing successful and scalable information security management systems as well as the teams that support them.
• Strong technical background in security engineering including software development.
• Great infrastructure fundamentals including experience with cloud infrastructure.
• Good knowledge of regulatory compliance, data protection, risk management methodologies and cybersecurity frameworks (NIST being the preference).
• Hands-on experience with security operations and incident response.
• Passionate about building a strong and collaborative security culture.
• Strong leadership and decision-making skills.
• Excellent communication and presentation skills.
• Ability to work effectively with various levels of the organization, from technical teams to executive management.
• Flexibility and adaptability to work in a rapidly changing environment, with a willingness to work with a remote and global team.
• Degree or Master's in Cybersecurity would be beneficial but not required or any specific accreditations related to security including: CISM, CISSP, and/or CEH.

Additional information:

• This role may require travel from time to time for team get-togethers or specific partner engagements but should be minimal for the individual.