Security Engineer (DLP)
Scopely is looking for a Security Engineer (DLP) to join our Data Protection team in Canada on a remote basis!
At Scopely, we care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues, or through our deep connections with our communities of players. We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily.
The Data Protection Engineering Team safeguards Scopely's data stores, sensitive information, and intellectual property. We assess the data security hygiene of our games, investigate internal, partner, and vendor security incidents, enhance data loss prevention measures, and collaborate across teams to maintain a secure environment for our global community of players.
What You Will Do
We’re looking for an experienced Security Engineer who will help mature our corporate security and data protection programs, investigate complex incidents, and enhance visibility into sensitive data movement across the organisation.
You’ll own the analysis, automation, and engineering of our security tooling ecosystem, integrating and scaling tools like DLP, Jamf, Meraki/NinjaRMM, CrowdStrike, e-Discovery, Code42, Google Workspace, Slack, Confluence, and Island.io. You’ll build scripts, APIs, and AI workflows that automate controls, reduce manual effort, and strengthen security guardrails across the company.
Data Loss Prevention
Design, test, deploy, and manage enterprise DLP automated response across endpoints and cloud services
Deploy custom risk-tier-based policies and detection rules to reduce false positives while improving efficacy and user experience
Translate DLP and insider-risk findings into preventive controls (policy updates, browser controls, egress blocks) and targeted training (nudges).
Build out our backlog of our internal Security AI tooling catalogue
Internal Investigations & Response
Assess and investigate complex insider and third-party risk incidents, policy violations, and digital behaviours of concern, providing a thorough and mature investigative process from start to end.
Turn manual runbooks into idempotent workflows (CLI jobs, serverless functions, or CI jobs) with robust logging, metrics, and alerting.
Document findings clearly and concisely to both technical and non-technical audiences
Utilize OSINT techniques to develop investigation plans, gather evidence, and enrich findings
Build and enhance automated detection logic for data misuse using scripting, AI, or rule-based systems
Cross-Functional Enablement
Work with privacy, compliance, and governance teams to align controls with regulatory requirements (e.g., CCPA, GDPR)
Partner with IT, game studios, and platform teams to embed secure defaults, policy-as-code, and self-service tooling.
Support internal and external audits, policy reviews, and compliance syncs, performing investigations across both digital and human domains.
What We’re Looking For
Minimum 4 years of experience in security engineering or security data analysis
Experienced in handling data leaks and insider security incidents, leading multiple investigations from initiation to resolution
Hands-on experience administering several of the following: Okta, Jamf, Meraki/NinjaRMM, Code42 Incydr, Google Workspace, Slack, Confluence, CASB/DLP platforms, and Island Enterprise Browser
Demonstrated confidentiality and discretion when managing sensitive data and investigations, adhering to employment law and need-to-know principles
Comfortable leveraging AI tools to automate repetitive tasks, accelerate analysis, and enhance reporting accuracy and clarity
Possess an agile mindset and a collaborative spirit, with familiarity in Agile or Scrum methodologies
Proven ability to analyse and interpret security data to identify potential threats, vulnerabilities, and areas for improvement.
Strong English language skills are required for this role as we have a highly diverse and global business
Bonus Points
Experience working with global teams across multiple time zones
Experience in the gaming industry or working on protecting intellectual property
Background in Gaming or IP protection experience, SOAR, data engineering, or System engineering
At Scopely, we create games for everyone - and want to ensure that the people behind our games reflect that! We are committed to creating a diverse, supportive work environment where everyone is treated with respect. We are committed to providing equal employment opportunities and welcome individuals from all backgrounds to join us & embrace the adventure!
We welcome applications from people with disabilities and should you require accommodations during the application process please contact our Talent Coordinator team at Interview-Accomodations@scopely.com.
Security Engineer (DLP)
Scopely is looking for a Security Engineer (DLP) to join our Data Protection team in Canada on a remote basis!
At Scopely, we care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues, or through our deep connections with our communities of players. We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily.
The Data Protection Engineering Team safeguards Scopely's data stores, sensitive information, and intellectual property. We assess the data security hygiene of our games, investigate internal, partner, and vendor security incidents, enhance data loss prevention measures, and collaborate across teams to maintain a secure environment for our global community of players.
What You Will Do
We’re looking for an experienced Security Engineer who will help mature our corporate security and data protection programs, investigate complex incidents, and enhance visibility into sensitive data movement across the organisation.
You’ll own the analysis, automation, and engineering of our security tooling ecosystem, integrating and scaling tools like DLP, Jamf, Meraki/NinjaRMM, CrowdStrike, e-Discovery, Code42, Google Workspace, Slack, Confluence, and Island.io. You’ll build scripts, APIs, and AI workflows that automate controls, reduce manual effort, and strengthen security guardrails across the company.
Data Loss Prevention
Design, test, deploy, and manage enterprise DLP automated response across endpoints and cloud services
Deploy custom risk-tier-based policies and detection rules to reduce false positives while improving efficacy and user experience
Translate DLP and insider-risk findings into preventive controls (policy updates, browser controls, egress blocks) and targeted training (nudges).
Build out our backlog of our internal Security AI tooling catalogue
Internal Investigations & Response
Assess and investigate complex insider and third-party risk incidents, policy violations, and digital behaviours of concern, providing a thorough and mature investigative process from start to end.
Turn manual runbooks into idempotent workflows (CLI jobs, serverless functions, or CI jobs) with robust logging, metrics, and alerting.
Document findings clearly and concisely to both technical and non-technical audiences
Utilize OSINT techniques to develop investigation plans, gather evidence, and enrich findings
Build and enhance automated detection logic for data misuse using scripting, AI, or rule-based systems
Cross-Functional Enablement
Work with privacy, compliance, and governance teams to align controls with regulatory requirements (e.g., CCPA, GDPR)
Partner with IT, game studios, and platform teams to embed secure defaults, policy-as-code, and self-service tooling.
Support internal and external audits, policy reviews, and compliance syncs, performing investigations across both digital and human domains.
What We’re Looking For
Minimum 4 years of experience in security engineering or security data analysis
Experienced in handling data leaks and insider security incidents, leading multiple investigations from initiation to resolution
Hands-on experience administering several of the following: Okta, Jamf, Meraki/NinjaRMM, Code42 Incydr, Google Workspace, Slack, Confluence, CASB/DLP platforms, and Island Enterprise Browser
Demonstrated confidentiality and discretion when managing sensitive data and investigations, adhering to employment law and need-to-know principles
Comfortable leveraging AI tools to automate repetitive tasks, accelerate analysis, and enhance reporting accuracy and clarity
Possess an agile mindset and a collaborative spirit, with familiarity in Agile or Scrum methodologies
Proven ability to analyse and interpret security data to identify potential threats, vulnerabilities, and areas for improvement.
Strong English language skills are required for this role as we have a highly diverse and global business
Bonus Points
Experience working with global teams across multiple time zones
Experience in the gaming industry or working on protecting intellectual property
Background in Gaming or IP protection experience, SOAR, data engineering, or System engineering
At Scopely, we create games for everyone - and want to ensure that the people behind our games reflect that! We are committed to creating a diverse, supportive work environment where everyone is treated with respect. We are committed to providing equal employment opportunities and welcome individuals from all backgrounds to join us & embrace the adventure!
We welcome applications from people with disabilities and should you require accommodations during the application process please contact our Talent Coordinator team at Interview-Accomodations@scopely.com.