We are DraftKings.
Were inspired by our shared passion for developing creative solutions to complex challenges and empowering the people around us to do their best work. We are industry leaders in the digital entertainment and technology space propelled by constant curiosity and diverse perspectives.
Our teams are fueled by innovation. We are looking ahead, building whats next, and continuously reinventing the industry. Were a publicly traded (NASDAQ: DKNG) technology company headquartered in Boston, with teams around the world and an expanding global presence.
The strategy behind the game
As a member of the Information Security Team, youll be continuously attacking and defending the DraftKings web applications, cloud environments, onPrem datacenters and networks to ensure security for our data, systems, customers and employees. Our team consists of forward-thinking individuals who want to disrupt the traditional mold through progressive design, automation, and system implementation practices.
What youll do as a Senior Security Engineer:
- Identify and apply relevant security best practices across DraftKings applications and infrastructure.
- Test defensive controls and security responses.
- Triage information security alerts and take appropriate action when real threats are discovered.
- Design and audit cloud security solutions to detect and prevent malware, breaches or loss of data
- Coordinate with IT, site reliability, and engineering teams to track and ensure security findings get resolved in a timely manner.
- Coordinate with IT, site reliability, and engineering teams to insure security solutions are being rolled and deployed appropriately
- Research, design, and advocate new technologies, architectures, and security solutions that will protect DKs cloud & onPrem systems
What skills you will need:
- Thorough understanding of core Information Security principles such as CIA triad, malware, vulnerabilities, exploits, attacks, firewalls, intrusion detection/prevention systems, etc.
- Scripting or development experience in either Python, Ruby, PowerShell, C#/.Net, etc., and extensive operations experience in either Linux or Windows operating systems.
- Security experience in one or more of: JS, C, C#, C++, cryptography, reverse engineering, common web vulnerabilities (SQLi, XSS, CSRF), exploit development.
- Experience applying and managing infosec systems such as Rapid7 Products, Palo Alto Prisma, AWS Guard Duty, bug bounty programs, EDR systems, MS ATA etc
- Experience in securing on-premise IT assets, office networks and also cloud infrastructure.
- Cloud computing experience (preferable AWS & GCP)
- Knowledge of Web app vulnerabilities (preferably OWASP Top 10). Web app penetration testing using tools such as Nikto, Sqlmap, Burp Suite is a plus.
- Familiarity with attack tools such as Cobalt strike
We strive to create a place where all feel safe, empowered, engaged, championed, and inspired. DraftKings is proud to be an equal opportunity employer. This means we do not tolerate discrimination of any kind and are committed to providing equal employment opportunities regardless of your gender identity, race, nationality, religion, sexual orientation, status as a protected veteran, or status as an individual with a disability.
Ready to build whats next? Apply now.
As a regulated gaming company, you may be required to obtain a gaming license issued by the appropriate state agency as a condition of employment.