Principal Security Engineer
Unlock growth at our workplace: Competitive pay, remote options, close-knit teams, welcoming atmosphere, and organic business growth. Join us now!
Mr Who?
MrQ - we're an awesome, award-winning online casino launched in 2018. We're big on tech, big on performance and most of all - big on fun. Over the years, we have experienced explosive growth - which means we need more rock stars to join our quest for total world domination.
This is a founding security engineering role. There is no existing function, no inherited tooling, no playbooks to follow while you're building it. We need someone who can own the entire security engineering discipline end to end: define the strategy, architect the solutions, deploy and manage the tooling, write the policies, run the operations, and report on posture to the business. You’ll work as a direct partner to the IT Ops Specialist. The two of you will shape how security and IT operations work together across the organisation. This means you need to be technically exceptional while also being the person who builds the governance, drives compliance, and ensures security has a seat at every strategic decision. You will own the security roadmap, influence technology and platform choices, and be accountable for the security posture of the business. This is not a support role; it’s a senior position that demands both engineering depth and strategic ownership.
What You Will Do
1. Security Strategy & Technical Leadership
Strategic Ownership: Define and own the enterprise security strategy and multi-year roadmap. Identify gaps, set priorities, allocate effort and deliver. This feeds directly into business-level risk decisions.
Technical Authority: Be the definitive technical voice on security across the organisation. Evaluate threats, make architectural decisions, and set the standard for how security is implemented across every platform and system.
Partnership: Operate as a strategic partner to the IT Ops Specialist. Jointly shape how security and IT operations integrate: shared tooling decisions, aligned processes, unified incident response, and a single view of risk.
Stakeholder Influence: Present security posture, risk appetite and investment cases to senior leadership. Translate technical risk into business impact. Ensure security is embedded into every major technology and product decision.
2. Security Architecture, Tooling & Engineering
Security Stack: Evaluate, select, deploy, configure and manage the full enterprise security tooling suite from scratch — EDR/XDR (CrowdStrike/SentinelOne), SASE/SWG (Netskope/Zscaler), SIEM, email security, DLP, endpoint privilege management, application allowlisting.
Architecture: Design and implement enterprise security architecture built on zero trust and secure-by-default principles. Own the technical blueprint across cloud (AWS), SaaS, endpoints, network and identity.
Detection Engineering: Build, tune and maintain detection rules, correlation logic and alerting across SIEM and EDR. Engineer high-fidelity detections mapped to MITRE ATT&CK. Continuously reduce false positives and expand coverage.
Automation: Engineer automation for security operations at scale — scripting (Python, Bash, PowerShell) for response orchestration, access reviews, compliance checks, vulnerability reporting, threat intel enrichment.
Integration & Evaluation: Ensure all security tooling integrates with existing infrastructure and identity platforms. Lead POCs, vendor evaluations and build-vs-buy decisions for new security technologies.
3. Security Operations & Incident Response
IR Leadership: Own the full incident response lifecycle — detection, triage, containment, eradication, recovery, post-incident review. Author and maintain IR playbooks, runbooks and escalation procedures.
Threat Intelligence: Investigate security events, perform root cause analysis, and apply threat intelligence to improve defensive posture. Understand attacker TTPs and operationalise frameworks like MITRE ATT&CK and NIST CSF.
Vulnerability Management: Own the vulnerability management programme end to end — scanning, prioritisation, remediation tracking, SLA enforcement and executive reporting across infrastructure, endpoints and applications.
Application & API Security: Assess the security of internal applications, third-party integrations, APIs, payment flows and authentication systems. Identify both technical vulnerabilities and product-level abuse scenarios.
4. Identity, Access & Endpoint Security
IAM & Zero Trust: Architect and enforce the identity strategy — SSO, MFA, SAML, OAuth, SCIM, conditional access, passwordless authentication. Design and enforce least-privilege and zero trust access policies across all systems.
Endpoint Security: Define and enforce endpoint security standards at scale — hardening, patching, disk encryption, MDM, device compliance. Own the endpoint security posture across the full macOS and Windows fleet.
Access Governance: Design and run access review and certification programmes. Proactively identify over-provisioned access, orphaned accounts, shadow IT and policy gaps. Maintain a clean, auditable access estate.
5. Governance, Risk, Compliance & Documentation
Build the Framework: Establish the security governance framework from the ground up: policies, standards, procedures and controls aligned to ISO 27001, SOC 2, Cyber Essentials and GDPR. This function doesn’t exist yet; you’re creating it.
Audit & Compliance: Maintain continuous audit readiness. Own evidence collection, control testing, gap analysis and remediation tracking. Be the person who sits with auditors and delivers clear, documented, defensible answers.
Risk Management: Conduct threat modelling and risk assessments. Own the risk register, drive treatment plans, and report on residual risk to leadership. Ensure risk management is embedded into project and change processes.
Documentation: Build and maintain the full security documentation estate: architecture diagrams, tool configurations, runbooks, incident reports, risk registers, process maps, policy library. Set the standard for what good documentation looks like.
Security Awareness: Own the security awareness programme — phishing simulations, training campaigns, onboarding security inductions, policy rollouts. Be the visible face of security across the business.
What We're Looking For
6+ years in security engineering, enterprise security or security operations with demonstrated impact building or significantly maturing a security function
Deep hands-on experience deploying, configuring, managing and troubleshooting enterprise security tools — EDR/XDR, SASE/SWG, SIEM, DLP, email security, endpoint privilege management, MDM
Expert-level knowledge of identity and access management (SSO, SAML, OAuth, SCIM, conditional access, MFA, passwordless) with proven zero trust implementation in production
Led incident response investigations end to end — built playbooks, managed containment and drove remediation across real-world security incidents
Strong scripting and automation capability (Python, Bash, PowerShell) applied to detection engineering, security operations and compliance automation
Direct experience building security governance — writing policies, implementing controls, preparing for and leading audit engagements (ISO 27001, SOC 2, Cyber Essentials, GDPR)
Fluent in security frameworks and threat methodologies (MITRE ATT&CK, NIST CSF, CIS Controls, OWASP) with practical application, not just theoretical knowledge
Experience securing cloud-native and SaaS-heavy environments (AWS preferred)
Strategic thinker who can define a roadmap, influence stakeholders and make security decisions that balance risk with business enablement
Highly Desirable
Experience in iGaming, fintech or another heavily regulated industry with understanding of gaming regulatory frameworks and player data protection
Background in application security, API security testing, secure SDLC or product security within a platform-based business
Hands-on SIEM detection engineering — writing correlation rules, building dashboards, tuning alert logic at scale
Experience with cloud security tooling (AWS GuardDuty, Security Hub, CloudTrail, Config), SSPM, CASB or DLP platforms
Relevant senior certifications (CISSP, CISM, GIAC GSEC/GCIH/GCIA, CySA+, vendor-specific: CrowdStrike CCFA/CCFR, Netskope) or equivalent proven track record
Experience mentoring engineers, building team capability or shaping security culture across an organisation
What We Offer
At MrQ, we take pride in providing an array of fantastic benefits to our valued team members. Enjoy a competitive salary package that recognizes your hard work and dedication. Need some extra time off? We've got you covered with additional leave days, and we believe in celebrating life's special moments, including your birthday, with dedicated birthday leave. Family matters to us, too, which is why we offer a generous four-week parental leave. Your well-being is our priority, supported by international health and life insurance. Stay motivated with wellness incentives and seize opportunities for personal and professional growth with our growth allowance. Embrace a flexible working environment that caters to your needs, and join our friendly and multinational team, where collaboration and camaraderie flourish. At MrQ, we're committed to ensuring that your experience with us goes beyond just a job – it's a fulfilling journey with a supportive community.
We are committed to fostering a workplace that values and celebrates diversity. We welcome individuals of all backgrounds and experiences, and we believe that a diverse and inclusive environment leads to innovation and success. We actively promote equal opportunities for all employees and strive to create a space where everyone's voices are heard and respected. Join us in our journey to build a truly inclusive workplace where every person can thrive and contribute to our collective success.
To help our recruitment team work efficiently, please apply to the role that best matches your skills and experience. Our team will consider you for other similar roles as well!
- Department: IT Ops
- Locations: UK
- Remote status: Hybrid
- Employment type: Full-time