Senior Cyber Security Specialist

About Kindred
Kindred Group is a digital entertainment pioneer bringing together nine successful online gambling brands, forming one of the largest online gambling groups in the world. Our purpose is to transform gambling by being a trusted source of entertainment that contributes positively to society. Our goal is that 0% revenue is derived from harmful gambling.
Our global team of more than 2000 people represents 60+ nationalities. When you join Kindred, you'll be part of a collaborative, diverse and inclusive team that has your best interest at heart. We are a trusting company that knows the value of a healthy work-life balance. We offer a wide range of benefits, along with an award-winning all-employee share program, which is a great opportunity to share in the company's success.
The Role
The Offensive Security team is a newly formed team embarking on a mission of rapid maturity and requires a highly motivated and talented Offensive Security Specialist to help guide us on this journey.
The Offensive Security team operates out of Stockholm and is one of the teams responsible for securing Kindred Group and its assets. We are searching for that certain someone who is not satisfied in just knowing common standards and frameworks, but instead likes to understand vulnerabilities, their exploitability, how to think like an adversary, and most importantly how to defend against them. You should have a real personal passion for security (across a broad range of domains), and technology and a desire to develop further as an Offensive Security expert (both technically and generally).
The Offensive Security team is one of three teams (Product Security, Offensive Security and DevSecOps) that make up the larger CyberSecurity team.
What you will be doing
Own Kindred's internal penetration testing program; coordinate all internal penetration tests and help teams understand and remediate vulnerabilities where necessary
Help to mature the product/infrastructure security for Kindred's platforms, bringing your expertise to our team to improve the way we work
Execute penetration tests and red team engagements while maintaining and improving both capabilities
Work with the team and external stakeholders to maintain and improve the bug bounty program
Support the team with end-to-end application security reviews
Identify security vulnerabilities and develop mitigation plans
Educate members of the security champion network and security liaisons on secure practices
Assist the CSIRT team in identifying threats and develop appropriate remediation plans (including forensics and malware analysis/reverse engineering)
Architect, design, implement, support and evaluate security tools and services
Develop and interpret security policies and procedures

Your experience
At least 3 years' experience working in a security related domain (either directly in a security team or focusing on security in, for example, web application security, penetration testing)
Detailed, hands-on technical knowledge of at least two of: application security, infrastructure security, network security
Experience in penetration testing and exploitability-focused vulnerability assessment
Experience in performing red team activities
Work with security vulnerability assessments and remediation techniques
Excellent communication skills and strong English, both verbal and written
Good people skills; able to work both independently and as part of the team
Able to engage well with technical and non-technical audiences
Working knowledge of basic scripting (e.g. Python, Bash)

Desirable: Previous experience developing and delivering security software tools
Desirable: Security experience in service-oriented architectures and web services
Desirable: Proficiency in threat modelling and risk identification
Desirable: Knowledge of cloud systems (AWS, Desirable: GCP, Azure)
Desirable: Development experience (Java, JavaScript)
Desirable: Relevant university degree
Desirable: Certifications in: GNFA, GCFE, GPEN, GREM
Desirable: Offensive Security Certified Professional (OSCP) or Organization for Security and Co-operation in Europe qualifications

Our Way Of Working
Our world is hybrid.
A career is not a sprint. It’s a marathon. One of the perks of joining us is that we value you as a person first. Our hybrid world allows you to focus on your goals and responsibilities and lets you self-organise to improve your deliveries and get the work done in your own way.
Application Process
Click on the “Apply Now” button and complete the short web form. Please add your CV and covering letter in English to let us know your motivation for applying and your salary expectation. Our Talent Acquisition team will be in touch soon. Kindred is an equal opportunities employer committed to employing a diverse workforce and an inclusive culture. As such we oppose all forms of discrimination in the workplace. We create equal opportunities for all our applicants and will treat people equally regardless of and not limited to, gender, ages, disability, race, sexual orientation. We are committed not only to our legal obligations but also to the positive promotion that equal opportunities bring to our operations as set out in our sustainability framework. Kindred has an ESG rating of AAA by MCSI.

Details
Hybrid
Stockholm
Full Time Permanent
TEC1964





Benefits


Well-being allowance


Learning and development opportunities


Inclusion networks


Charity days


Long service awards


Social events and activites


All employee share scheme


Private medical insurance


Life assurance and income protection


Employee Assistance Programme


Pension