Information Security Analyst

At EFG (ESL FACEIT Group) we create worlds beyond gameplay where players and fans become community. We pride ourselves in having a corporate social responsibility which is that “IT’S NOT GG (Good Game), UNTIL IT’S GG FOR ALL”. We are passionate about the culture we foster that ultimately helps to create and shape the world of esports, gaming tournaments, leagues, events, and holistic ecosystems staged for our millions of players, fans and heroes.

Our Information security team is responsible for the implementation, design, management, and allocation of all technology security measures, this team focuses on risk assessment, proactive security management, and the handling of security incidents within the organization. Their expertise safeguards the integrity and confidentiality of information.

An Information Security Analyst will play a key part in the Information Security team, by supporting both Security Assurance and Security Operations responsibilities. They will help us process net-new projects, and work on the projects to streamline our ability to complete our audits and assist with Commercial work, and vendor reviews.

What you will do:

• Lead our Email Security program, such as creating, managing, and monitoring our DMARC, SPF, DKIM, BIMI, and MTA-STS records, and handling email security threats;
• Contribute to our audits, internal and external, by gathering evidence, ensuring policy compliance, and supporting overall compliance efforts;
• Engage with key stakeholders across the business, working on cross-collaboration projects to deliver our Information Security roadmap;
• Manage incidents from detection to post-incident analysis, writing incident records, and following up on any actions;
• Review third-party vendor security and AI requirements to ensure compliance with our third-party risk management program;
• Operationalize and document new security processes as they are developed;
• Contribute to the tuning and configuration of security tools to improve detection accuracy and reduce false positives;
• Assist in the design, implementation, and maintenance of security controls;

Requirements

• Hands-on Email Security Management experience, 
• Minimum 3 years related work experience within Information Security or equivalent role. 
• Hands-on experience with EDR tooling, 
• Incident Response and Management, 
• Third-Party Risk Management, 
• Data Loss Prevention knowledge and experience (not required but beneficial) 
• Strong analysis and problem-solving skills, 
• Strong oral and written communication skills, with the ability to explain technical to non-technical audiences,
• Ability to work both independently and collaboratively as a member of a small team, 
• Ability to manage multiple projects at once and hit delivery targets,
• To complete any other tasks that may reasonably fall within this role remit (always leave this point in for legal reasons)
• ISO27001/NIST/COBIT experience is beneficial but not required 
• IAPP/GIAC/or other certification is beneficial but not required