Product Security Engineer
 London, KY
Improbable believes in a future where new, virtual worlds will augment human experience and become as meaningful, lasting and rich as the physical world. We call this the Multiversal Self.

Our platform, SpatialOS, lets developers transcend the limits of regular computation, allowing swarms of servers running in the cloud to cooperate in order to simulate worlds far larger and more complex than any single server could.

At Improbable, you are surrounded by people who want to improve everything and everyone around them, and who compel you to improve yourself. We’re motivated by the fulfilment of solving hard problems to achieve something profound and transformative.

Your Mission

As a Product Security Engineer within the Core Security team, will be responsibility for monitoring, refining and building new security features and processes for SpatialOS, the platform that underpins how our games are built. Playing both a hands-on and influencer role, you’ll define what is needed to ensure there is robust business-wide security.

Virtually every aspect of the product that Improbable offers are available through APIs, therefore security is absolutely fundamental. You’ll take what we currently have and refine it, as well as research and highlight new approaches. You will influence product direction cross-functionally across multiple teams, providing regular input into the roadmap. You’ll also have a role infecting our engineering and product development culture with security awareness, ensuring this is baked into delivery at the earliest possible opportunity.

Our customers are our focus so you’ll naturally gravitate towards them. The role will be about leading from a place of expertise and experience, mentoring our customers and the engineers around you.
The role   

/ Using your experience with product security, you will play a pivotal role in shaping a new team with responsibility for both platform and product security, as well as handling of security incidents, whenever they occur.
/ You’ll have opportunities to work on existing critical services to the business, finding ways to extend and improve the security aspects of our product offering. You’ll be involved both from early ideas (identifying gaps in designs) through to deployment and long term usage for a service or solution.
/ Working cross-functionally across multiple teams, you’ll become an evangelist for all things security related, aiming to foster and encourage a culture across the business that security is important to everyone, and why. You’ll take opportunities to promote this culture where you find it, from your work on pull requests to direct interactions with engineers.
/ You’ll participate in retrospectives and post-mortems (since we aren’t perfect!) to take opportunities to teach, collegially, how to avoid repeating our security-related snafus next time. You’ll spot ways of removing humans from security-sensitive manual processes.
/ As a team we make extensive use of StreamAlert including extending its support to new cloud environments, with the intention of upstreaming and open sourcing these changes. you should expect to see your work contributed back to the community to the benefit of all.
/ You’ll bring your experience to quickly grasp the security landscape here and develop a shared prioritization with key stakeholders to allow them to understand the importance of the work you advocate for while understanding other business pressures.
/ You will use your experience to help shape our platform architecture.  You’ll help harden those existing services to ensure Improbable’s products are secure. You’ll quickly get up to speed, adding additional controls and protections to existing gRPC services written in GoLang and C#.

Equal Opportunity
The best ideas are often the least expected and require new ways of thinking; that’s why our teams at Improbable are made up of an incredible range of talented people. Improbable is proud to be an equal opportunity employer. We do not discriminate based on race, ethnicity, colour, ancestry, national origin, religion, sex, sexual orientation, gender identity, age, disability, veteran status, genetic information, marital status or any other legally protected status.