Lead Information Security Engineer

At DevHub, we blend innovation with passion to lead the Technology and online entertainment industry. As a pioneer in the sector, we are committed to revolutionizing the digital landscape with our next-generation platform. Our mission is to create immersive, engaging, and seamless experiences that captivate and entertain users worldwide.

We don’t just believe that our people are our greatest asset, WE KNOW IT! We foster a vibrant and inclusive workplace where creativity and collaboration thrive. Our team of talented professionals is dedicated to pushing the boundaries of technology and delivering exceptional products that set new standards in the industry.

We are not just a company, we are a community that values the unique perspectives and talents of our people and are committed to providing a supportive environment where everyone can grow and succeed. Join us at DevHub, and be a part of a forward-thinking team that is shaping the future of online entertainment.

Position Overview:

We are looking for an experienced Information Security Engineer to lead our cybersecurity strategy, operations, and risk management programs. This role requires a strategic thinker who can operate at the executive level while also possessing deep hands-on technical knowledge across networking, infrastructure, malware, and offensive/defensive security practices.

Responsibilities within the team:

• Lead the development and execution of our enterprise cybersecurity strategy
• Oversee security operations, incident response, and continuous monitoring of threats
• Build and mature the security program, policies, and governance framework
• Conduct and manage penetration testing, red team activities, and vulnerability assessments
• Ensure secure design and architecture across cloud, network, and application environments
• Manage risk assessments, compliance initiatives, and internal/external security audits
• Partner closely with Engineering, IT, Legal, HR, and executive leadership

Facing the challenges of the role requires:

• 5+ years in cybersecurity, IT security, or risk management
• Expertise with routing, firewalls, VPNs, DNS, and Zero Trust models
• Hands-on experience with infrastructure security, identity systems (AD, Azure AD, Okta), servers, and cloud platforms (eg. Azure)
• Understanding of web services, APIs, authentication, encryption, and common vulnerabilities (OWASP)
• Experience with malware analysis, threat behavior, EDR tools, and incident forensics
• Experience conducting or overseeing pentesting, red team operations, and remediation strategies
• Experience with regulatory and compliance frameworks (SOC 2, ISO 27001, GDPR, NIST, etc.)
• Track record of building and scaling security programs in complex, fast-moving environments
• Strong communication skills with the ability to articulate technical issues to executives and non-technical stakeholders

Preferred but not mandatory certifications:

• CISSP, CISM, CISA
• GIAC (GCIH, GCIA, GPEN), OSCP
• CCSP or relevant cloud security certifications