Job Description

About Us

At PointsBet, we’ve only built a fraction of what we have imagined. Launched in Australia in 2017, PointsBet has grown into a leader in the online gaming industry, delivering top-tier sportsbook and online gaming experiences to customers across Australia and Canada.

In 2025, PointsBet joined forces with MIXI, Inc., a Tokyo-based digital entertainment company known for pioneering social communication and sports entertainment experiences. Together, we combine MIXI’s deep expertise in building global communities, with PointsBet’s cutting-edge technology and product innovation, unlocking new opportunities to shape the future of digital entertainment.

Driven by a passion for innovation and a strong commitment to responsible gaming, we’re powered by a diverse team that champions safety, integrity and the thrill of the game.

About the Role

The Security Engineer will be responsible for the following:

• Actively participate in the identification, investigation, and remediation of security incidents.
• Work closely with the Senior Security Incident Manager and Senior Security Engineer, to mitigate issues / risks (including, internal security incidents, and escalated incidents from a third-party SIEM provider).
• Work with Business and Infrastructure teams, to support security incidents (e.g., IT Operations, Cloud Platform Engineering, Site Reliability Engineering).
• Manage and enhance the organisation's penetration testing and vulnerability management processes, verifying a proactive approach to identifying and mitigating security risks.
• Recommend security control improvements, which are commensurate with the risk profile of systems and data.
• The Security Engineer role will report to the Head of Information Security. The Security Engineer role will engage with stakeholders both locally and globally.

Key Accountabilities

• Partner with software engineers and Cloud Platform Engineering, to identify / remediate: Infrastructure-as-Code (IaC) misconfigurations, API security weaknesses, and cloud native design flaws.
• Implement and co-ordinate containment actions, in the event of an incident (e.g., isolating affected systems, blocking malicious IPs/domains).
• Optimise and integrate information security processes / toolsets (including., security incident management, vulnerability management, data loss prevention).
• Communicate technical issues to non-technical stakeholders and manage internal / external stakeholder expectations, to an agreed criteria (including., influence, negotiate, and provide advice).
• Review and implement security control for platforms, with Business and Infrastructure teams.
• Advocate for improvements / modifications to existing patch management policies and schedules, to verify critical / high vulnerabilities are addressed in a timely manner.
• Develop and coordinate remediation plans, to reduce PointsBet’s attack surface / risk exposure.
• Contribute to the identification of emerging threats, and develop preventative security measures.

Skills & Core Competencies

• Strong project management skills, and proficient in coordinating with cross-functional teams.
• Demonstrate an understanding of the life cycle of threats, attack vectors, and methods of exploitation.
• Demonstrate an understanding of intrusion set tactics, techniques, and procedures.
• Strong understanding of security principles, practices, and technologies.
• Exhibit good written and verbal communication skills with PointsBet peers and management.
• Experience in working on cloud platforms, with a strong preference for the Microsoft Azure platform.
• Significant experience in identifying and responding to threats (including, both internal and external), vulnerability management, email analysis, risk assessment, log analysis, threat intelligence, and cloud monitoring.
• Expertise in using Microsoft Defender and third-party SIEM tools, to manage and respond to critical security incidents.
• Identification of control gaps and recommend modifications / remediations, to address areas that affect PointsBet (including., legal, and compliance / regulatory, and preventative / detective security controls).

Essential Skills

• Four plus (4+) years of experience working in the security domain, and incident response.
• Participate in security processes (including., creation, and improvement).
• Promote a strong security risk culture (including., education, and awareness).
• Assist in the development and implementation of security documentation.
• Ability to detect, respond to, and mitigate security incidents.
• Experience using: Microsoft - Azure platforms (including., Entra, InTune, Defender, Cloud Apps, DevOps, kubernetes service, windows subsystem for Linux, event hubs, app services [API, Function, Logic, Web], virtual machines, database [SQL, Cosmos, Databricks]), Microsoft Defender Cloud, Wiz, and CloudFlare.
• Knowledge of technologies (including, firewalls, IDS / IPS, email security tools, device compliance, application restrictions, data protection, and network / endpoint protection.)
• Sound understanding of security processes (e.g., access management, vulnerability / patch management).

Why Join Us?

We’re built different at PointsBet because we think different. We value diverse perspectives and are excited to hear from applicants with unique skill sets. Your individuality and experience could be the perfect addition to our team.