Information Security Engineer

Scopely is looking for an Information Security Engineer to join our Information Technology team in Spain or Portugal on a remote basis or flexible hybrid in Barcelona.

At Scopely, we care deeply about what we do and want to inspire play every day - whether in our work environments alongside our talented colleagues or through our deep connections with our communities of players. We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people worldwide daily.

The Data Protection Engineering Team safeguards Scopely's data stores, sensitive information, and intellectual property. We assess our games' data security hygiene, investigate internal and vendor security incidents, enhance data loss prevention measures, and collaborate across teams to maintain a secure environment for our global community of players.

What You Will Do:

We're looking for an experienced Information Security engineer or analyst with a strong focus on Internal/3rd party investigations, IT & Corporate Security, and Data Loss Prevention (DLP) to join our Security Engineering team. In this role, you'll help design and mature our corporate security and data protection programs, investigate complex incidents, and enhance visibility into sensitive data movement across the organization.

Data Loss Prevention

• Design, test, deploy, and manage enterprise DLP policies across endpoints and cloud services (e.g., Google Workspace, Okta, JamF, Slack, Confluence, CASB & DLP tools)
• Tune policies and detection rules to reduce false positives while improving efficacy and user experience
• Monitor, triage, and respond to DLP alerts, perform impact assessments, and escalate potential data loss events

Internal Investigations & Response

• Assess and investigate complex insider and third-party risk incidents, policy violations, and digital behaviours of concern, providing a thorough and mature investigative process from start to end.
• Collect and analyse artefacts from endpoints, SaaS logs, and communication platforms
• Document findings clearly and concisely to both technical and non-technical audiences
• Utilize OSINT techniques to develop investigation plans to gather evidence and enrich findings
• Build and enhance automated detection logic for data misuse using scripting, AI, or rule-based systems

Cross-Functional Enablement

• Work with privacy, compliance, and governance teams to align controls with regulatory requirements (e.g., GDPR, CCPA)
• Support internal and external audits, policy reviews, and compliance syncs, performing investigations across both digital and human domains.

What You Will Need:

• 4 Years minimum experience in Security, IT System Engineering, or Data Analysis with a focus on security
• Strong verbal command of the English language
• Comfortable working on security incidents and leading multiple investigations in parallel from initiation to completion
• Case Management: Owning & Handling cases end-to-end, ensuring thorough, articulate, and organized documentation with effective follow-through.
• Demonstrate a high level of confidentiality and respect for sensitive data and employment legal considerations throughout your investigations, sharing only on a strict need-to-know basis.
• Comfortable using AI tools to take care of the boring stuff, speed up analysis, and improve reporting quality and brevity.
• Agile Mindset & Collaborative spirit: Familiarity with agile methodologies.
• Proven ability to assess and interpret security data effectively to identify potential threats and vulnerabilities.

Bonus:

• Experience working with global teams across multiple time zones.
• Experience in the gaming industry or working on protecting intellectual property.
• Background in SOC analysis, CSIRT, or IT System Administration.

About Us

Scopely is a global interactive entertainment and mobile-first video game company, home to many top, award-winning experiences such as "MONOPOLY GO!," "Star Trek Fleet Command," "Stumble Guys," "MARVEL Strike Force," and "Yahtzee With Buddies," among others.

Scopely creates, publishes, and live-operates immersive games that empower a directed-by-consumer experience across multiple platforms--from mobile, web, PC and beyond.

Founded in 2011, Scopely is fueled by a world-class team and a proprietary technology platform Playgami that supports one of the most diversified portfolios in the games industry.

Recognized multiple times as one of Fast Company's "World's Most Innovative Companies," Scopely is a multi-billion-dollar business due to its ability to create long-lasting game experiences that players enjoy for years.

Scopely has global operations in more than a dozen markets across Asia, EMEA, and North America, and is home to many internal game development teams, referred to as Scopely Studios, with additional game studio partners across four continents.

Scopely was acquired by Savvy Games Group in July 2023 for $4.9 billion, and is now an independent subsidiary of Savvy.

For more information on Scopely, visit: scopely.com

Notice to candidates: Scopely, Inc and its affiliates will never request payment or ask for financial information as a condition for applying to a position or receiving an offer of employment. All official Scopely, Inc. recruiters only use email domains that end with @scopely.com.

Our official website is www.scopely.com. Please only apply to positions posted on our official website and ensure the recruiter only communicates via the official email domain.

Should you have any questions or encounter any fraudulent requests/emails/websites, please immediately contact recruiting@scopely.com. Our job applicant privacy policies are available here: California Privacy Notice and EEA/UK Privacy Notice.