Security Engineer (DLP)

Scopely is looking for a Security Engineer (DLP) to join our Data Protection team in Canada on a remote basis!

At Scopely we care deeply about what we do and want to inspire play every day - whether in our work environments alongside our talented colleagues or through our deep connections with our communities of players. We are a global team of game lovers who are developing publishing and innovating the mobile games industry connecting millions of people around the world daily.

The Data Protection Engineering Team safeguards Scopely's data stores sensitive information and intellectual property. We assess the data security hygiene of our games investigate internal partner and vendor security incidents enhance data loss prevention measures and collaborate across teams to maintain a secure environment for our global community of players.

What You Will Do

We’re looking for an experienced Security Engineer who will help mature our corporate security and data protection programs investigate complex incidents and enhance visibility into sensitive data movement across the organisation.

You’ll own the analysis automation and engineering of our security tooling ecosystem integrating and scaling tools like DLP Jamf Meraki/NinjaRMM CrowdStrike e-Discovery Code42 Google Workspace Slack Confluence and Island.io. You’ll build scripts APIs and AI workflows that automate controls reduce manual effort and strengthen security guardrails across the company.

Data Loss Prevention

• Design test deploy and manage enterprise DLP automated response across endpoints and cloud services

• Deploy custom risk-tier-based policies and detection rules to reduce false positives while improving efficacy and user experience

• Translate DLP and insider-risk findings into preventive controls (policy updates browser controls egress blocks) and targeted training (nudges).

• Build out our backlog of our internal Security AI tooling catalogue

Internal Investigations & Response

• Assess and investigate complex insider and third-party risk incidents policy violations and digital behaviours of concern providing a thorough and mature investigative process from start to end.

• Turn manual runbooks into idempotent workflows (CLI jobs serverless functions or CI jobs) with robust logging metrics and alerting.

• Document findings clearly and concisely to both technical and non-technical audiences

• Utilize OSINT techniques to develop investigation plans gather evidence and enrich findings

• Build and enhance automated detection logic for data misuse using scripting AI or rule-based systems

Cross-Functional Enablement

• Work with privacy compliance and governance teams to align controls with regulatory requirements (e.g. CCPA GDPR)

• Partner with IT game studios and platform teams to embed secure defaults policy-as-code and self-service tooling.

• Support internal and external audits policy reviews and compliance syncs performing investigations across both digital and human domains.

What We’re Looking For

• Minimum 4 years of experience in security engineering or security data analysis

• Experienced in handling data leaks and insider security incidents leading multiple investigations from initiation to resolution

• Hands-on experience administering several of the following: Okta Jamf Meraki/NinjaRMM Code42 Incydr Google Workspace Slack Confluence CASB/DLP platforms and Island Enterprise Browser

• Demonstrated confidentiality and discretion when managing sensitive data and investigations adhering to employment law and need-to-know principles

• Comfortable leveraging AI tools to automate repetitive tasks accelerate analysis and enhance reporting accuracy and clarity

• Possess an agile mindset and a collaborative spirit with familiarity in Agile or Scrum methodologies

• Proven ability to analyse and interpret security data to identify potential threats vulnerabilities and areas for improvement.

• Strong English language skills are required for this role as we have a highly diverse and global business

Bonus Points

• Experience working with global teams across multiple time zones

• Experience in the gaming industry or working on protecting intellectual property

• Background in Gaming or IP protection experience SOAR data engineering or System engineering

At Scopely we create games for everyone - and want to ensure that the people behind our games reflect that!   We are committed to creating a diverse supportive work environment where everyone is treated with respect. We are committed to providing equal employment opportunities and welcome individuals from all backgrounds to join us & embrace the adventure!

We welcome applications from people with disabilities and should you require accommodations during the application process please contact our Talent Coordinator team at [email protected] .