Security Engineer (DLP)

Scopely is looking for a Security Engineer (DLP) to join our Data Protection team in Canada on a remote basis!

At Scopely, we care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues, or through our deep connections with our communities of players. We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily.

The Data Protection Engineering Team safeguards Scopely's data stores, sensitive information, and intellectual property. We assess the data security hygiene of our games, investigate internal, partner, and vendor security incidents, enhance data loss prevention measures, and collaborate across teams to maintain a secure environment for our global community of players.

We’re looking for an experienced Security Engineer who will help mature our corporate security and data protection programs, investigate complex incidents, and enhance visibility into sensitive data movement across the organisation.

You’ll own the analysis, automation, and engineering of our security tooling ecosystem, integrating and scaling tools like DLP, Jamf, Meraki/NinjaRMM, CrowdStrike, e-Discovery, Code42, Google Workspace, Slack, Confluence, and Island.io. You’ll build scripts, APIs, and AI workflows that automate controls, reduce manual effort, and strengthen security guardrails across the company.

• Design, test, deploy, and manage enterprise DLP automated response across endpoints and cloud services
• Deploy custom risk-tier-based policies and detection rules to reduce false positives while improving efficacy and user experience
• Translate DLP and insider-risk findings into preventive controls (policy updates, browser controls, egress blocks) and targeted training (nudges).
• Build out our backlog of our internal Security AI tooling catalogue

• Assess and investigate complex insider and third-party risk incidents, policy violations, and digital behaviours of concern, providing a thorough and mature investigative process from start to end.
• Turn manual runbooks into idempotent workflows (CLI jobs, serverless functions, or CI jobs) with robust logging, metrics, and alerting.
• Document findings clearly and concisely to both technical and non-technical audiences
• Utilize OSINT techniques to develop investigation plans, gather evidence, and enrich findings
• Build and enhance automated detection logic for data misuse using scripting, AI, or rule-based systems

• Work with privacy, compliance, and governance teams to align controls with regulatory requirements (e.g., CCPA, GDPR)
• Partner with IT, game studios, and platform teams to embed secure defaults, policy-as-code, and self-service tooling.
• Support internal and external audits, policy reviews, and compliance syncs, performing investigations across both digital and human domains.

• Minimum 4 years of experience in security engineering or security data analysis
• Experienced in handling data leaks and insider security incidents, leading multiple investigations from initiation to resolution
• Hands-on experience administering several of the following: Okta, Jamf, Meraki/NinjaRMM, Code42 Incydr, Google Workspace, Slack, Confluence, CASB/DLP platforms, and Island Enterprise Browser
• Demonstrated confidentiality and discretion when managing sensitive data and investigations, adhering to employment law and need-to-know principles
• Comfortable leveraging AI tools to automate repetitive tasks, accelerate analysis, and enhance reporting accuracy and clarity
• Possess an agile mindset and a collaborative spirit, with familiarity in Agile or Scrum methodologies
• Proven ability to analyse and interpret security data to identify potential threats, vulnerabilities, and areas for improvement.
• Strong English language skills are required for this role as we have a highly diverse and global business

• Experience working with global teams across multiple time zones
• Experience in the gaming industry or working on protecting intellectual property
• Background in Gaming or IP protection experience, SOAR, data engineering, or System engineering

Scopely is a global interactive entertainment and mobile-first video game company, home to many top, award-winning experiences such as MONOPOLY GO!, Star Trek Fleet Command, Stumble Guys, MARVEL Strike Force, and Yahtzee With Buddies, among others. Scopely creates, publishes, and live-operates immersive games that empower a directed-by-consumer experience across multiple platforms—from mobile, web, PC and beyond.

Founded in 2011, Scopely is fueled by a world-class team and a proprietary technology platform Playgami that supports one of the most diversified portfolios in the games industry.

Recognized multiple times as one of Fast Company’s World’s Most Innovative Companies, Scopely is a multi-billion-dollar business due to its ability to create long-lasting game experiences that players enjoy for years.

Scopely has global operations in more than a dozen markets across Asia, EMEA, and North America, and is home to many internal game development teams, referred to as Scopely Studios, with additional game studio partners across four continents.

Scopely was acquired by Savvy Games Group in July 2023 for $4.9 billion, and is now an independent subsidiary of Savvy.

For more information on Scopely, visit: scopely.com

Notice to candidates: Scopely, Inc and its affiliates will never request payment or ask for financial information as a condition for applying to a position or receiving an offer of employment. All official Scopely, Inc. recruiters only use email domains that end with @scopely.com.

Our official website is www.scopely.com. Please only apply to positions posted on our official website and ensure the recruiter only communicates via the official email domain.

Should you have any questions or encounter any fraudulent requests/emails/websites, please immediately contact recruiting@scopely.com. Our job applicant privacy policies are available here: California Privacy Notice and EEA/UK Privacy Notice.

Employment at Scopely is based solely on a person's merit and qualifications. Scopely does not discriminate against any employee or applicant because of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), or any other basis protected by law. We also consider qualified applicants with arrest or conviction records, consistent with applicable federal, state and local law.