Senior Cyber Security Specialist
Kindred Group is a digital entertainment pioneer bringing together nine successful online gambling brands, forming one of the largest online gambling groups in the world. Our purpose is to transform gambling by being a trusted source of entertainment that contributes positively to society. Our goal is that 0% revenue is derived from harmful gambling.
Our global team of more than 2000 people represents 60+ nationalities. When you join Kindred, you'll be part of a collaborative, diverse and inclusive team that has your best interest at heart. We are a trusting company that knows the value of a healthy work-life balance. We offer a wide range of benefits, along with an award-winning all-employee share program, which is a great opportunity to share in the company's success.
The Offensive Security team is a newly formed team embarking on a mission of rapid maturity and requires a highly motivated and talented Offensive Security Specialist to help guide us on this journey.
The Offensive Security team operates out of Stockholm and is one of the teams responsible for securing Kindred Group and its assets. We are searching for that certain someone who is not satisfied in just knowing common standards and frameworks, but instead likes to understand vulnerabilities, their exploitability, how to think like an adversary, and most importantly how to defend against them. You should have a real personal passion for security (across a broad range of domains), and technology and a desire to develop further as an Offensive Security expert (both technically and generally).
The Offensive Security team is one of three teams (Product Security, Offensive Security and DevSecOps) that make up the larger CyberSecurity team.
What you will be doing
- Own Kindred's internal penetration testing program; coordinate all internal penetration tests and help teams understand and remediate vulnerabilities where necessary
- Help to mature the product/infrastructure security for Kindred's platforms, bringing your expertise to our team to improve the way we work
- Execute penetration tests and red team engagements while maintaining and improving both capabilities
- Work with the team and external stakeholders to maintain and improve the bug bounty program
- Support the team with end-to-end application security reviews
- Identify security vulnerabilities and develop mitigation plans
- Educate members of the security champion network and security liaisons on secure practices
- Assist the CSIRT team in identifying threats and develop appropriate remediation plans (including forensics and malware analysis/reverse engineering)
- Architect, design, implement, support and evaluate security tools and services
- Develop and interpret security policies and procedures
- At least 3 years' experience working in a security related domain (either directly in a security team or focusing on security in, for example, web application security, penetration testing)
- Detailed, hands-on technical knowledge of at least two of: application security, infrastructure security, network security
- Experience in penetration testing and exploitability-focused vulnerability assessment
- Experience in performing red team activities
- Work with security vulnerability assessments and remediation techniques
- Excellent communication skills and strong English, both verbal and written
- Good people skills; able to work both independently and as part of the team
- Able to engage well with technical and non-technical audiences
- Working knowledge of basic scripting (e.g. Python, Bash)
- Desirable: Previous experience developing and delivering security software tools
- Desirable: Security experience in service-oriented architectures and web services
- Desirable: Proficiency in threat modelling and risk identification
- Desirable: Knowledge of cloud systems (AWS, Desirable: GCP, Azure)
- Desirable: Relevant university degree
- Desirable: Certifications in: GNFA, GCFE, GPEN, GREM
- Desirable: Offensive Security Certified Professional (OSCP) or Organization for Security and Co-operation in Europe qualifications
Our Way Of Working
Our world is hybrid.
A career is not a sprint. It’s a marathon. One of the perks of joining us is that we value you as a person first. Our hybrid world allows you to focus on your goals and responsibilities and lets you self-organise to improve your deliveries and get the work done in your own way.
Click on the “Apply” button and complete the short web form. Please add your CV and covering letter in English to let us know your motivation for applying and your salary expectation. Our Talent Acquisition team will be in touch soon.
Kindred is an equal opportunities employer committed to employing a diverse workforce and an inclusive culture. As such we oppose all forms of discrimination in the workplace. We create equal opportunities for all our applicants and will treat people equally regardless of and not limited to, gender, ages, disability, race, sexual orientation. We are committed not only to our legal obligations but also to the positive promotion that equal opportunities bring to our operations as set out in our sustainability framework. Kindred has an ESG rating of AAA by MCSI.