Lead Security Engineer

Scorewarrior is a game developer and publisher based in Limassol, Cyprus. The company focuses on the 4X strategy genre, with an ambitious goal to grow its hit game, Total Battle, to become the No.1 strategy game in the world. Our team consists of 200+ passionate, talented, self-driven, and continually developing professionals who love making high-quality games.

Our product: We are currently working on Total Battle — an MMO 4X strategy game with a deep political system and lots of player interaction. Players take on the role of a commander and need to develop their city, forge alliances, fight against monsters, and conquer other players. We're constantly developing new game mechanics, and the project is continuing to grow.

Tasks to be solved

• Design and evolve the company’s identity and access management framework (MFA/SSO, access policies, and lifecycle management)
• Strengthen cloud and infrastructure security across GCP, including identity controls, logging, secrets management, backups, and production access patterns.
• Improve application security practices across the development lifecycle, including automated security checks in CI/CD (SAST, SCA, secret scanning, container security).
• Collaborate with engineering teams to implement secure development guardrails and practical remediation processes.
• Establish and maintain key security processes, including incident response, vendor security review, and security evaluation of new tools and technologies.
• Promote a strong security culture through documentation, internal guidance, and knowledge sharing.

• 8+ years of experience in cybersecurity, cloud security, or infrastructure security.
• Hands-on experience securing cloud environments (preferably GCP) including IAM, networking, logging, and secrets management.
• Experience implementing MFA / SSO / IdP and designing centralized access management.
• Experience integrating security checks into CI/CD, such as SAST, SCA, secret scanning, and container scanning.
• Experience working with engineering teams and translating security requirements into practical solutions.
• Ability to define pragmatic security policies and operational processes.

• Experience working in product companies (100–500 employees), ideally in gamedev, SaaS, or mobile products.
• Familiarity with security frameworks such as CIS Controls, NIST CSF, SOC 2, or ISO 27001.
• Experience working with external auditors, pentest vendors, or MDR/SOC providers.
• Experience building or scaling a security function in a growing organization.

Within the first months, you will build a clear understanding of our security landscape and help prioritize the most impactful improvements.

Success in this role means establishing strong security fundamentals across access management, infrastructure, and development workflows while enabling teams to move fast and build securely by default.

Over time, your work will result in clearer risk visibility, stronger protection of critical systems and data, and a security culture where teams see security as an enabler rather than a blocker.