Security Lead

Playson is a leading iGaming supplier operating in multiple regulated markets, delivering engaging casino content and advanced technology. We’re a fast-growing, tech-driven company that values innovation, autonomy, and ownership. At Playson, we welcome people who are curious, proactive, and passionate about solving complex challenges at scale.

We are ISO/IEC 27001 certified and committed to maintaining a robust security and compliance posture across all our operations.

About the Role

We are looking for a Security Lead to strengthen Playson’s information security framework and drive continuous improvement of our security culture. This role combines technical expertise, investigative focus, and process leadership - ensuring that our systems, data, and people remain secure, compliant, and resilient.

What will you be doing?

Information Security & Compliance

• Maintain and continuously improve the ISO/IEC 27001:2022 Information Security Management System (ISMS).
• Foster a strong Security-First mindset across the organization.
• Work closely with the CTO, Head of IT, and DevOps to enhance internal security controls.
• Conduct internal audits, risk assessments, and coordinate certification renewals.
• Update security policies and controls in line with ISO 27001, GDPR, and relevant international frameworks (e.g., NIST CSF and NIS2 principles where applicable).
  Manage integrations and alerting within Datadog SIEM, CrowdStrike, Cloudflare, and Google Workspace.
• Support DLP implementation and maintain central tracking of security events.
• Document risks, incidents, and corrective actions to ensure continuous compliance.

Incident Response & Investigation

• Lead investigations into security incidents such as phishing, data leakage, or unauthorized access.
• Collect and analyze digital evidence across systems (CrowdStrike, Cloudflare, Google, Slack).
• Maintain and enhance incident response playbooks and escalation workflows.
• Collaborate with HR, Legal, and IT teams during internal investigations.
• Produce post-incident reports and recommend remediation measures.

Endpoint & Access Security

• Manage MDM systems (Zoho MDM, Endpoint Central) and ensure full compliance for macOS endpoints.
• Maintain CrowdStrike Falcon configurations and endpoint posture enforcement.
• Oversee SSO, MFA, and 2FA enforcement across services (Google SSO, DUO Mobile, 1Password).
• Implement Just-in-Time (JIT) privilege elevation and regular admin access reviews.
• Perform Quarterly RAS Access Management Reviews.

• Maintain a consistent audit trail for access management throughout the year.

   

To succeed in the role, you will have:

• 3+ years of experience in information security, IT audit, or digital investigations.
• Solid understanding of ISO 27001, GDPR, and modern security frameworks (NIST CSF / NIS2).
• Hands-on experience with SIEM / EDR systems
• Proven ability to manage SSO, MFA, DLP, and MDM environments.
• Strong communication skills in English (B2 or higher).
• Analytical mindset, integrity, and attention to detail.

Preferred additional qualifications:

• Certifications: CISSP, CISM, CEH, ISO 27001 Lead Auditor, AWS Security Specialty.
• Experience with Zero Trust, PAM, DLP/CASB, or SOAR platforms.
• Forensics experience.
• Experience in designing awareness programs or running phishing simulations.

What you get in return:

• Competitive Salary: We offer a competitive salary in EUR, subject to annual performance reviews
• Quarterly Bonuses: Benefit from a transparent and systematic quarterly bonus system
• Flexible Schedule: We offer a flexible work schedule to accommodate your needs
• Remote Work Option: Choose to work remotely, providing greater flexibility and comfort
• Medical Insurance: Receive comprehensive medical insurance for both you and a significant other
• Financial Support for Life Events: We provide financial support during special life events
• Unlimited Paid Vacation: Enjoy unlimited paid vacation leave
• Unlimited Paid Sick Leave: Take unlimited paid sick leave whenever necessary
• Professional Development: Get reimbursement for professional development courses and training

The recruitment process includes the following steps:

1. HR Interview (30-45 mins)

2. Technical interview with Service Desk & Security Lead (60 mins)

3. Final Interview with CTO and People Business Partner (60 mins)