Senior InfoSec Specialist

The Role

Betsson Georgia is looking for a Senior Information Security Specialist to join the technology leadership team and work directly with the CTO. This is a senior, hands-on role positioned at the intersection of engineering, operations, compliance and global security functions.

Our environment is hybrid. We operate critical workloads in on-prem infrastructure while actively transitioning to AWS to become a fully cloud native organisation. We rely on modern tools such as Microsoft Azure and Office365, Slack, Atlassian Cloud (Jira, Confluence), GitLab Enterprise, ArgoCD, SonarQube and Kubernetes for our operational and development processes. Our product development teams work using Agile Scrum methodology. You will collaborate with these teams on a prioritised basis to ensure that key initiatives and high-impact changes incorporate secure-by-design practices.

You will collaborate regularly with Product Development, Infrastructure Operations, Corporate IT, DevOps, NOC, Legal & Compliance, Risk Management and Betsson Group’s global security teams. Your responsibility will be to strengthen our security posture, guide secure engineering practices, support audit and compliance needs, and help drive our cloud security maturity.

This role is not a SOC position. You will focus on security engineering, governance and risk rather than performing continuous operational monitoring.

Key Responsibilities: 

• Contribute to the design, evolution and governance of Betsson Georgia’s Information Security Framework across hybrid and cloud environments;
• Maintain and update local security policies and procedures in alignment with Betsson Group standards;
• Support security assessments for new platform features, integrations and architectural changes, including cloud migration initiatives;
• Collaborate with Agile Product Development teams on a prioritised basis to support secure-by-design practices for high-impact features and architectural changes;
• Work with DevOps and engineering teams who are responsible for implementing the technical controls you design or recommend;
• A key part of your role will be to create scalable guidelines, patterns and processes that allow teams to adopt secure practices without constant direct involvement;
• Drive the full vulnerability management lifecycle across on-prem, cloud and application layers;
• Support regular IAM and access review processes across on-prem and cloud systems;
• Review firewall policies, access control lists, network segmentation and connectivity between on-prem workloads, AWS and corporate environments;
• Oversee endpoint, anti-virus and EDR controls by collaborating with Corporate IT to ensure proper configuration, detection coverage and remediation processes;
• Lead automation efforts for security tooling, monitoring and reporting;
• Participate in Information Security Incident Management including triage, containment coordination, documentation, RCA and cross-team communication;
• Work with Legal, Compliance and Risk teams to evaluate data protection requirements, regulatory exposure and operational risks;
• Promote security awareness and maturity across Betsson Georgia’s technology and business departments.

Requirements: 

• Minimum 3 years of experience in Information Security or a related senior technical discipline;
• Strong understanding of hybrid infrastructure and cloud security concepts;
• Experience with AWS security components;
• Practical knowledge of Kubernetes and container security fundamentals;
• Familiarity with CI/CD platforms and code quality tools;
• Strong understanding of network security and hands-on experience with firewall policy review;
• Experience with SIEM, log analytics or monitoring platforms;
• Familiarity with Azure AD, Office365 security configuration and AD domain structures;
• Strong organisational skills, sense of ownership and attention to detail.

Preferred Requirements: 

• Experience in regulated industries such as gaming/fintech/banking;
• Experience implementing or maintaining security controls in agile organisations;
• Familiarity with ISO27001, NIST CSF and PCI DSS;
• Understanding of DevSecOps practices and automation patterns;
• Hands-on experience with backup, recovery and business continuity controls.

We offer

We offer working in fast growing business with professional management teams and value driven challenging and development oriented organisational culture. Here we have non-formal, creative and comfortable environment. If you enjoy diversity and fast pace then you are right person for this position and in this case there is the right environment provided for you to fulfil your potential. 

APPLY:

If you feel you have what it takes to be successful in this role, don't hesitate to apply. Since we will be interviewing candidates continuously send your application as soon as possible to be included in the recruitment process.