Cloud Security Engineer

Headquartered in New York City, Take-Two Interactive Software, Inc. is a leading developer, publisher, and marketer of interactive entertainment for consumers around the globe. The Company develops and publishes products principally through Rockstar Games, 2K, and Zynga. Our products are currently designed for console gaming systems, PC, and Mobile, including smartphones and tablets, and are delivered through physical retail, digital download, online platforms, and cloud streaming services. The Company’s common stock is publicly traded on NASDAQ under the symbol TTWO.

While our offices (physical and virtual) are casual and inviting, we are deeply committed to our core tenets of creativity, innovation and efficiency, and individual and team development opportunities. Our industry and business are continually evolving and fast-paced, providing numerous opportunities to learn and hone your skills. We work hard, but we also like to have fun, and believe that we provide a great place to come to work each day to pursue your passions.

Success in Take-Two Security means remaining open-minded and responsible to empower our label divisions to securely develop triple-A game content. The Cloud Security Engineer role requires the capability to analyze & implement Cloud Security Systems across the Take-Two technology stack. Work with our IT Infrastructure, Security Engineering & Ops teams to automate the discovery and inventory of cloud assets, ensuring full visibility and continuous updates to the asset registry. Work with Architecture to implement new solutions to improve on our Cloud Security, and SOC applications and to provide in developing new tools where the business requires. Reviewing cloud security change requests internally and across our domain subsidiaries to ensure connectivity between us and our customer’s clouds is implemented securely. Working regularly with Security colleagues in the label teams to assess and respond to their priorities as well as our own.

• Improve our Cloud Security posture via CSPM / CNAPP management for cloud computing, virtualization environments, & container security.
• Identifying misconfigurations or gaps, securing container storage, managing vulnerabilities, and automating the discovery of cloud assets across AWS, Azure, and GCP in collaboration with Security & IT teams
• Using existing Cloud Security monitoring systems to review and respond to events and process technical change requests in support of Infrastructure, Engineering, and Ops teams
• Represent T2’s compliance across the scope of Cloud Security applications with regular Key Performance or Risk Indicators
• Potential for participation in incident response with on-call availability
• Mapping system defenses and monitoring capabilities against threat frameworks like MITRE ATT&CK, and OWASP to build defenses for Take-Two assets with a variety of system solutions
• Use of project tools to illustrate objective progress and to accurately scope project work in line with expectations
• Capability to contribute to technical writing with T2 Information Security Policies, Standards, & technical project documentation in the T2 knowledge base in accordance with standard methodologies and compliance frameworks (e.g., NIST, CIS, ISO 27001)
• Periodic contribution to the T2 Risk management program by reviewing cloud asset and system configuration and patching in conjunction with vulnerability scan results
• Learn or develop programmatic automations and scripting to update Cloud Security systems regularly

• Have a heart for service and a tempered ego
• BA/BS or equivalent experience in computer science or related field
• 3-5 years in a Cloud Security, Security Engineering, or Network Security Engineering related environment
• Experience with AWS, GCP, Azure and other cloud or web services architecture and technologies
• Hands-on experience with CSPM/CNAPP platforms (e.g., Prisma Cloud, Wiz, Orca, Azure Security Center, AWS Security Hub)
• Knowledge of Security threat frameworks like MITRE ATT&CK, and OWASP
• Experience with programming languages Python, C, C++, C#, PowerShell, and VBScript for programmatic automation
• Comprehensive knowledge of cloud container storage, Kubernetes storage management, and securing cloud-native applications
• Proficient with analysis and understanding of network security concepts pertinent to cloud security methodologies
• Experience in a result oriented, retail media driven environment with key result timelines and varied customers