Apply on Employer Site

Medal · 13 hours ago

Data Security Engineer

United States

Full-time

Remote

Mid, Senior Level

$150K/yr - $280K/yr

Medal is a company focused on building next-generation gaming communities by connecting brands and players. The Data Security Engineer role involves securing infrastructure, hardening cloud environments, and protecting data pipelines while ensuring compliance and reducing operational risks.

GamingOnline GamesVideo GamesVideo Streaming

Responsibilities

Reduce the attack surface of GCP workloads, Kubernetes clusters, and on-prem systems through hardened defaults, workload isolation, and IAM discipline

Build automated security guardrails directly into Terraform, CI/CD, and Kubernetes deployments

Maintain comprehensive observability and auditability across all infrastructure components

Harden ingestion and ETL systems used for video and metadata processing

Enforce encryption standards, strict IAM scopes, audit logging, and boundary isolation between pipelines and production systems

Ensure complete visibility into the transfer and use of AI training data

Build visibility into privileged access and access drift across engineering

Automate key rotation, scoped roles, certificate workflows, and least-privilege baselines

Maintain a full audit of secrets and enforce secure handling across endpoints, services, and pipelines

Protect build systems against supply-chain attacks

Ensure all builds and dependencies are scanned and recorded with a verifiable audit trail

Strengthen GitHub Actions runners, workload identities, and artifact provenance

Develop and run drills, tabletop exercises, and incident-response workflows

Coordinate and validate external penetration tests

Conduct internal red-team tests and support threat modeling with engineering

Ensure we meet compliance requirements relevant to both creator data and AI training data

Qualification

GCPTerraformKubernetesCI/CDIAM designNetwork segmentationThreat modelingSecrets managementObservability toolsRed-team exercisesSecure coding practicesOperational security

Required

Strong experience with cloud infrastructure (especially GCP), Terraform, Kubernetes, containers, and modern CI/CD processes

Deep security fundamentals: IAM design, network segmentation, least privilege, secure-by-default patterns, and threat modeling

Hands-on experience with GCP/AWS security stacks (IAM, VPC SC, KMS, workload identity, Secrets Manager)

Familiarity with infrastructure observability and logging systems (Prometheus, Grafana, Cloud Logging, SIEM)

Strong secrets management and PKI experience (Vault or cloud-native equivalents)

Experience implementing or operating red-team / purple-team exercises

Understanding of secure coding practices and modern software supply-chain risks

Practical experience defending high-velocity environments with complex CI/CD workflows

Preferred

Security Engineer / DevOps hybrid roles at fast-growing mid-stage startups

SREs with a heavy security focus

DevOps engineers who became de-facto security leads in high-growth companies

Backgrounds from organizations with strong infra or security discipline

Company

Medal

Medal is a developer of a short-form gaming video clips platform to share digital game clips and highlights with gamers.

Founded in 2015

Naarden, Noord-Holland, NLD

51-200 employees

https://medal.tv

Funding

Current Stage

Growth Stage

Total Funding

$85.5M

Key Investors

OMERS VenturesMakers FundHorizons Ventures

2024-07-11Series Unknown· $13M

2021-12-14Series C· $45M

2020-01-01Series B· $15M

Leadership Team

Iggy Harmsen

Product

Joshua Lipson

Chief Architect

Recent News

Portugal Business News & Insights | Portugal Resident

MEDAL opens a new office in Lagos

2025-12-10

startupticker.ch

General Intuition raises USD 134 million

2025-10-18

Silicon Canals

Meet General Intuition: AI gaming startup co-founded by Dutch entrepreneur and Medal spin-off raises €114M Seed round

2025-10-18

Company data provided by crunchbase