Game Security Lead

Company Description

People Can Fly is one of the leading independent AAA games development studios with an international team of hundreds of talented individuals working from offices located in Poland, UK, Ireland, US, and Canada and from all over the world thanks to our remote work programs.

Founded in 2002, we made our mark on the shooter genre with titles such as Painkiller, Bulletstorm, Gears of War: Judgment, and Outriders. We are one of the most experienced Unreal Engine studios in the industry and we are expanding it with in-house solutions called PCF Framework.

Our creative teams are currently working on several exciting titles: Gemini is our new project being developed with Square Enix; Maverick is a Triple-A game developed in collaboration with Microsoft Corporation; Bifrost, Victoria and Dagger are projects we're growing in the self-publishing model. We also have one project in the concept phase – Red; as well as two projects in VR technology – Green Hell VR and Bulletstorm VR - an exciting VR version of our cult-classic shooter.

With over 20 years of experience, PCF sets out to explore new horizons. We aim to combine our expertise with the creativity of the best and most forward-thinking talents in the industry to work together on the new generation of action games for the global gaming community.

If you decide to accompany us on this journey, you’ll have a chance to perfect your craft and expand your knowledge, working alongside leaders in the industry to bring a brand-new unique experience to the players worldwide.

Job Description

People Can Fly is looking for a Game Security Lead to join our upcoming live games. 

As Game Security Lead, you will be responsible for protecting the integrity of the online player experience, supporting our titles from malicious actors and insider threats. Working closely with internal teams, you will define vulnerability management strategies, and work with production teams on delivering and enforcing these on a game-by-game basis. In addition to creating and supporting  our security monitoring platforms, you will also work with our Live QA, BI, Customer Support and Community team on identifying new threats as they arise and plan for mitigations. 

The ideal candidate will have worked in game security or anti-cheat related security functions in live games for PC and / or console in addition to excellent communication skills, with the ability to convey complex security concepts to diverse audiences.

Responsibilities:

• Work with leadership to set direction for Game Security processes, procedures and playbooks. 
• Define, document, and implement secure code development best practices, including creating a suitable RACI chart and sign-off process.
• Conduct thorough security assessments (both automated and manual) of all existing code to ensure alignment with established security standards.
• Support projects with various security tasks, including threat modeling, managing security checklists, and facilitating penetration testing.
• Lead the day-to-day anti-cheat operations for our online titles and work directly with Finance, IT, Game teams and 1st parties on identifying and resolving threats as they arise. 
• Leverage extensive technical experience to provide direction and develop processes around internal technical analysis of cheats, hacks, and other malicious third-party software targeted at our products.
• Identify trends and develop and provide insightful reporting in cheating and associated threat areas, with a view of building up an internal threat intelligence team in future. 
• Contribute to the development and monitoring of key risk and performance indicators in partnership with our BI team.
• Partner closely with Live Ops, production, and Publishing to define technology, tooling, and process advancements required to defend the online player experience.
• Create and maintain an inventory of third-party libraries, ensuring all known vulnerabilities are managed.
• Define and lead a periodic review cycle to scrutinize our security practices and implement improvements.
• Define a risk framework to drive remediation and monitor timelines for activities.

Qualifications

• 4+ years of experience in game security, anti-cheat, or related security functions.
• Knowledge of vulnerability risk assessments, threat modeling, and using tools to support secure software development.
• Proven ability to manage and mentor technical and non-technical individual contributors. 
• Experience supporting the ongoing operations of a live service game. 
• Deep technical familiarity with reverse engineering concepts and cheating tools, to include some programming experience
• Strong incident response experience
• Knowledge of client-server and peer-to-peer gaming architectures.
• Comfortable with pivoting between different tasks during the workday as new priorities emerge during the launch of a title.

Desirable: 

• Professional certification in information security (e.g., CISSP, CISM, OSCP, OSCE or equivalent).

Additional Information

What we offer:

• A competitive salary and performance-based annual bonuses.
• Private medical healthcare (Vitality) and BUPA dental insurance for PCF's employees and their families.
• Access to wellbeing platform - Gympass for employees and family members.
• Access to Worksmile - cafeteria program.
• Online Polish and English language classes.
• Access to the pension scheme.
• Flexible working hours.
• Free virtual health and mental wellbeing sessions included in the plan for members and their dependents.
• Personal development opportunities and ability to work in a global environment.
• Work in a creative team with people full of passion for what they do.

We are committed to an inclusive and diverse work culture. PCF is an equal opportunity employer. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, genetic information, marital status or any legally protected status.