Data Security Engineer

Scopely is looking for a Data Security Engineer to join our Data Protection team in Mexico City.

At Scopely, we care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues, or through our deep connections with our communities of players. We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily. 

The Data Protection Engineering Team safeguards Scopely's data stores, sensitive information, and intellectual property. We assess the data security hygiene of our games, investigate internal, partner, and vendor security incidents, enhance data loss prevention measures, and collaborate across teams to maintain a secure environment for our global community of players.

What You Will Do 

We’re looking for an experienced Information Security Engineer who will help mature our corporate security and data protection programs, investigate complex incidents, and enhance visibility into sensitive data movement across the organisation.

You’ll own the analysis, automation, and engineering of our security tooling ecosystem — integrating and scaling tools like DLP, Jamf, Meraki/NinjaRMM, CrowdStrike, e-Discovery, Code42, Google Workspace, Slack, Confluence, and Island.io. You’ll build scripts, APIs, and AI workflows that automate controls, reduce manual effort, and strengthen security guardrails across the company.

Data Loss Prevention

• Design, test, deploy, and manage enterprise DLP automated response across endpoints and cloud services
• Deploy custom risk-tier-based policies and detection rules to reduce false positives while improving efficacy and user experience
• Translate DLP and insider-risk findings into preventive controls (policy updates, browser controls, egress blocks) and targeted training (nudges).
• Build out our backlog of our internal Security AI tooling catalogue

Internal Investigations & Response

• Assess and investigate complex insider and third-party risk incidents, policy violations, and digital behaviours of concern, providing a thorough and mature investigative process from start to end.
• Turn manual runbooks into idempotent workflows (CLI jobs, serverless functions, or CI jobs) with robust logging, metrics, and alerting.
• Document findings clearly and concisely to both technical and non-technical audiences
• Utilize OSINT techniques to develop investigation plans, gather evidence, and enrich findings
• Build and enhance automated detection logic for data misuse using scripting, AI, or rule-based systems

Cross-Functional Enablement

• Work with privacy, compliance, and governance teams to align controls with regulatory requirements (e.g., CCPA, GDPR)
• Partner with IT, game studios, and platform teams to embed secure defaults, policy-as-code, and self-service tooling.
• Support internal and external audits, policy reviews, and compliance syncs, performing investigations across both digital and human domains.

What We’re Looking For 

• Minimum 4 years of experience in security engineering or security data analysis
• Experienced in handling data leaks and insider security incidents, leading multiple investigations from initiation to resolution
• Hands-on experience administering several of the following: Okta, Jamf, Meraki/NinjaRMM, Code42 Incydr, Google Workspace, Slack, Confluence, CASB/DLP platforms, and Island Enterprise Browser
• Demonstrated confidentiality and discretion when managing sensitive data and investigations, adhering to employment law and need-to-know principles
• Comfortable leveraging AI tools to automate repetitive tasks, accelerate analysis, and enhance reporting accuracy and clarity
• Possess an agile mindset and a collaborative spirit, with familiarity in Agile or Scrum methodologies
• Proven ability to analyse and interpret security data to identify potential threats, vulnerabilities, and areas for improvement.
• Strong English language skills are required for this role as we have a highly diverse and global business

Bonus Points 

• Experience working with global teams across multiple time zones
• Experience in the gaming industry or working on protecting intellectual property
• Background in Gaming or IP protection experience, SOAR, data engineering, or System engineering

At Scopely, we create games for everyone, and we want to ensure that the people behind our games reflect that. We are committed to creating a diverse, supportive work environment where everyone is treated with respect. We are committed to providing equal employment opportunities and welcome individuals from all backgrounds to join us & embrace the adventure!