Information Security Analyst

THE ROLE

ProbablyMonsters is currently seeking an Information Security Analyst to help monitor, protect, and strengthen the security of the data, assets, and systems that enable us to make world-class games. Do you enjoy investigating alerts, digging into security events, and collaborating with teams to reduce risk? Are you looking for a role where your attention to detail and curiosity make a real difference? If so, we may be looking for you! Our Information Security team supports organizations across our family of studios by monitoring security systems, analyzing threats, supporting incident response, and helping users navigate security best practices. Join our family of studios and play a key role in protecting the availability and integrity of our teams, our assets, and our customers.

WHO YOU ARE

You are a security professional who is comfortable working in dynamic, technology-heavy environments. You are an effective communicator with experience working across teams and departments, seeking ways to promote a culture of trust and respect. You are a team player who enjoys collaborating to solve problems. You are someone with strong time management and prioritization skills. You are curious and enjoy investigating alerts, events, and anomalies to understand what is really happening. You are comfortable working with moderate supervision and asking for guidance when requirements are unclear. You are a gamer or someone familiar with video gaming and the games industry. You enjoy engaging with teams to understand their needs and help them navigate security requirements. You stay current with trends and news in the security space and are excited to keep learning.

WHAT YOU WILL DO

Monitor security systems and tools — including SIEM, EDR, and network security platforms — for alerts, anomalies, and potential threats; triage and elevate incidents in accordance with established playbooks and severity guidelines Support the review and monitoring of network, systems, and tools for compliance with company security standards Assist in the investigation of security events and incidents, documenting findings and participating in post-incident reviews Help evaluate new security technologies and processes and provide feedback to senior engineers Confer with users to discuss issues such as access needs, security tool questions, and potential security violations Deliver security awareness training and promote a security‑conscious culture across studio teams Support AI/ML security monitoring efforts by flagging suspicious usage patterns in generative AI tools and escalating potential policy violations Assist in maintaining accurate asset inventories and vulnerability tracking data across studio and cloud environments

QUALIFICATIONS

Working knowledge of information security concepts and practices, including endpoint security, network security, vulnerability management, identity and access management, and security event monitoring Ability to learn new technologies and security tools quickly; good analytical and problem‑solving skills with the ability to manage multiple tasks Experience using or exposure to security platforms such as SIEM, EDR, antivirus, firewall, and content filtering solutions in a monitoring or support capacity Familiarity with networking fundamentals including TCP/IP, DNS, firewalls, and proxies Basic understanding of cloud environments (AWS or Azure) and awareness of how cloud-hosted systems differ from on-premises security considerations Familiarity with Microsoft Windows environments, Active Directory, and basic concepts around permissions and group policy Understanding of Linux and Windows operating system fundamentals and common hardening practices Ability to adapt to changing priorities and proactively flag problems or risks with systems, tools, and processes Working knowledge of the CrowdStrike Falcon platform, with exposure to one or more modules including Endpoint Detection and Response (EDR/Falcon Insight), Identity Threat Protection (Falcon ITP), Cloud Security (Falcon Cloud Security/CSPM), Exposure Management and Vulnerability Management (Falcon Spotlight), or SaaS Security Posture Management; ability to monitor dashboards, review detections, and follow up on alerts within the platform Awareness of AI/ML security risks such as prompt injection, data leakage through generative AI tools, and insecure API integrations; familiarity with responsible AI usage policies and the ability to help enforce them Familiarity with identity and access management concepts including MFA, SSO, and least‑privilege access principles Awareness of common compliance frameworks (NIST CSF, CIS Controls, SOC 2) and how they translate into day‑to‑day security practices

PREFERRED SKILLS

Experience with AWS and/or Azure cloud environments and familiarity with their native security tools and dashboards Exposure to Microsoft 365 security features, Defender, and Azure AD/Entra ID Familiarity with DevSecOps concepts and basic security tooling in development workflows (SAST/DAST, Git, Perforce, Jenkins) Experience with or exposure to network detective controls such as NDR, IDS, IPS, or SIEM platforms Exposure to security automation or configuration management tools (Ansible, Puppet, Chef, Terraform, or equivalent) Experience performing or assisting with vulnerability scans on Windows or Linux systems Game studio or gaming platform experience a plus Exposure to incident response processes, threat hunting concepts, or basic digital forensics Familiarity with risk management concepts and how organizations evaluate and accept security trade‑offs Understanding of CIS controls, benchmarks, and hardening practices Exposure to vendor or third‑party risk assessment processes Familiarity with CrowdStrike Falcon AI‑Driven Detection and Response (AIDR) capabilities, including AI‑native threat detection and Charlotte AI; interest in how AI‑augmented tooling can support faster alert triage Exposure to continuous penetration testing platforms (e.g., Pentera, NodeZero, Cymulate, or similar) and an understanding of how automated attack simulation supports control validation Experience evaluating AI/ML tools or platforms for security risk; familiarity with the OWASP LLM Top 10 Familiarity with Zero Trust concepts and identity‑centric security models Exposure to data loss prevention (DLP) tools or insider threat awareness programs One or more of the following certifications a plus: CompTIA Security+, CySA+, AWS Certified Security – Specialty, Azure Security Engineer Associate, GSEC, GPEN, or equivalent entry‑to‑mid‑level security certification About ProbablyMonstersTM ProbablyMonsters is a AAA independent video game company that aims to change the way games are made. We unite a diverse roster of development teams in a healthy, rewarding culture. We believe empowered creators build the most engaging games and deliver the best player experiences. ProbablyMonsters is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, protected veteran status, or any other basis protected by applicable law, and will not be discriminated against on the basis of disability. Benefits Medical Coverage - health, dental, and vision. Healthcare spending accounts, dependent care spending accounts, life and AD&D insurance. 401(k) with an annual contribution by the Company. Paid holidays and vacation, bereavement leaves, and parental leave. Eligibility to participate in these benefits may vary for part-time and temporary full-time employees and interns with the Company. Compensation This is a full-time, benefits‑eligible, exempt (salaried) position . The full salary range for this position is $95,000 - $138,000 per year. When an offer is made, many factors are considered, such as your unique experience and skills, where you live, where the work will be performed, what similar jobs pay, and internal equity. In addition to base pay, employees in this role may be eligible for additional incentives, such as short- and long-term incentives. Incentive compensation is not guaranteed. #J-18808-Ljbffr ProbablyMonsters