Information Security Engineer (DLP)

Scopely is looking for an Information Security Engineer (DLP) to join our Data Protection team in Canada on a remote basis!

At Scopely, we care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues, or through our deep connections with our communities of players. We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily.

The Data Protection Engineering Team safeguards Scopely's data stores, sensitive information, and intellectual property. We assess the data security hygiene of our games, investigate internal, partner, and vendor security incidents, enhance data loss prevention measures, and collaborate across teams to maintain a secure environment for our global community of players.

We’re looking for an experienced Security Engineer who will help mature our corporate security and data protection programs, investigate complex incidents, and enhance visibility into sensitive data movement across the organisation.

You’ll own the analysis, automation, and engineering of our security tooling ecosystem, integrating and scaling tools like DLP, Jamf, Meraki/NinjaRMM, CrowdStrike, e-Discovery, Code42, Google Workspace, Slack, Confluence, and Island.io. You’ll build scripts, APIs, and AI workflows that automate controls, reduce manual effort, and strengthen security guardrails across the company.

• Design, test, deploy, and manage enterprise DLP automated response across endpoints and cloud services
• Deploy custom risk-tier-based policies and detection rules to reduce false positives while improving efficacy and user experience
• Translate DLP and insider-risk findings into preventive controls (policy updates, browser controls, egress blocks) and targeted training (nudges).
• Build out our backlog of our internal Security AI tooling catalogue

• Assess and investigate complex insider and third-party risk incidents, policy violations, and digital behaviours of concern, providing a thorough and mature investigative process from start to end.
• Turn manual runbooks into idempotent workflows (CLI jobs, serverless functions, or CI jobs) with robust logging, metrics, and alerting.
• Document findings clearly and concisely to both technical and non-technical audiences
• Utilize OSINT techniques to develop investigation plans, gather evidence, and enrich findings
• Build and enhance automated detection logic for data misuse using scripting, AI, or rule-based systems

• Work with privacy, compliance, and governance teams to align controls with regulatory requirements (e.g., CCPA, GDPR)
• Partner with IT, game studios, and platform teams to embed secure defaults, policy-as-code, and self-service tooling.
• Support internal and external audits, policy reviews, and compliance syncs, performing investigations across both digital and human domains.

• Minimum 4 years of experience in security engineering or security data analysis
• Experienced in handling data leaks and insider security incidents, leading multiple investigations from initiation to resolution
• Hands-on experience administering several of the following: Okta, Jamf, Meraki/NinjaRMM, Code42 Incydr, Google Workspace, Slack, Confluence, CASB/DLP platforms, and Island Enterprise Browser
• Demonstrated confidentiality and discretion when managing sensitive data and investigations, adhering to employment law and need-to-know principles
• Comfortable leveraging AI tools to automate repetitive tasks, accelerate analysis, and enhance reporting accuracy and clarity
• Possess an agile mindset and a collaborative spirit, with familiarity in Agile or Scrum methodologies
• Proven ability to analyse and interpret security data to identify potential threats, vulnerabilities, and areas for improvement.
• Strong English language skills are required for this role as we have a highly diverse and global business

• Experience working with global teams across multiple time zones
• Experience in the gaming industry or working on protecting intellectual property
• Background in Gaming or IP protection experience, SOAR, data engineering, or System engineering

At Scopely, we create games for everyone - and want to ensure that the people behind our games reflect that! We are committed to creating a diverse, supportive work environment where everyone is treated with respect. We are committed to providing equal employment opportunities and welcome individuals from all backgrounds to join us & embrace the adventure!

We welcome applications from people with disabilities and should you require accommodations during the application process please contact our Talent Coordinator team at Interview-Accomodations@scopely.com.

Notice to candidates: Scopely, Inc and its affiliates will never request payment or ask for financial information as a condition for applying to a position or receiving an offer of employment. All official Scopely, Inc. recruiters only use email domains that end with @scopely.com.

Employment at Scopely is based solely on a person's merit and qualifications. Scopely does not discriminate against any employee or applicant because of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), or any other basis protected by law. We also consider qualified applicants with arrest or conviction records, consistent with applicable federal, state and local law.