Location - Sunderland
tombola is a family owned company based in Sunderland which operates the UK's, Spain's and Italy's biggest on-line bingo websites (with offices in Madrid, Milan and Gibraltar) as well as websites in Denmark and Sweden with further countries to follow.
Our approach is different to many of our competitors in that we produce all of our software ourselves; in fact just about every aspect of tombola is managed in-house. We have created all of our own games and take pride in our technical innovation and the strength of the development and design teams who use cutting edge technologies to drive the business forward.
The future of tombola couldn’t be brighter as we look to build on our existing market-leading presence.
What will you do?
The successful candidate will help build on the existing operational security capabilities as part of a wider InfoSec program with an objective to protect both tombola and our players.
This role would suit an experienced InfoSec professional with a primary focus on Operational Security - you will provide hands-on technical security expertise to assist with designing, implementing and managing security solutions across both enterprise and cloud environments
A key part of this role will be to lead the development of the vulnerability management program, working with stakeholders from our Operational Support, Infrastructure and Development teams across all business divisions.
You will also play an integral part in assisting with security event monitoring, threat intelligence, investigations and incident management.
Your responsibilities will be:
- Responsible for leading, management and the ongoing improvement of the vulnerability management program
- Understand current and emerging security threat intelligence and ensure tombola is in a strong position to mitigate threats where possible
- Actively monitor for security incidents and participate in incident response teams to contain, investigate, and prevent future security incidents
- Define operational security requirements and implement appropriate controls to help mitigate security risks
- Keep abreast of security industry developments and make recommendations as to how we can improve
- Contribute to the planning, management and associated remediation of penetration and vulnerability testing across our systems
- Lead in the creation and adoption of security policies, standards and processes throughout tombola
- Challenge yourself to identify solutions and controls which promote security automation best practices
- Provide mentoring and guidance to less experienced members of the team to assist with their ongoing professional development
Employees at tombola are passionate about their chosen career paths and if successful, you'll be working with people that love what they do – therefore, you should too.
In addition to this you must also have:
- Significant hands-on technical experience designing, implementing, and supporting security solutions in enterprise and cloud environments
- Experience of working with ISO 27001/2:2013, PCI-DSS and GDPR
- Sound knowledge of security principles and technologies in application, infrastructure, network, endpoint security and cloud
- Experience working with combination of AWS, Linux, Windows and MacOS operating systems, WAF, SIEM, VM scanning toolsets, Anti-Virus, O365 Compliance & Security Centre, PowerShell, Python
- Previous experience of gambling industry and awareness of licensing regulations across multiple jurisdiction would be advantageous
- Experience working in or with agile, or DevOps oriented teams
- A desire to learn as we don't want to stand still. We want people who want to improve themselves.
- Good communication skills - It sounds clichéd but things like being able to express your ideas clearly, talking to both technical and non-technical colleagues is incredibly important
- Confidence to suggest improvements. We're constantly looking to improve the way we do things. From managing our workloads, to the way we deliver Information Security across tombola. We have an open attitude to new ideas. If you don’t like the way something is done all we ask is that you suggest a better way of doing it.
We offer a competitive salary as well as an amazing new HQ, free lunch and snacks, pension, discretionary bonus & private medical to name a few... To check out all of our perks please visit our benefits & perks page.