Were looking for an experienced Application Security Researcher to join our growing Security team.
As an Application Security Researcher, youll take an active role in guiding our development teams, helping manage our secure development lifecycle in our products that serve millions of users daily. Youll also work closely with internal development teams to ensure our mobile games are designed and implemented securely.
Responsibilities:
Collaborate with the development teams to conduct design review, code review, and dynamic analysis.
Identify, communicate and drive the resolution of vulnerabilities.
Research and advocate for new security solutions and technologies.
Continue to drive early security evaluation by conducting iterative security testing.
Implement automated secure coding tools and processes (SAST, IAST) to review code as its written, promoted through the development lifecycle, and into production.
Operate as an incident responder for triage pertaining to web-based vulnerabilities.
As an Application Security Researcher, youll take an active role in guiding our development teams, helping manage our secure development lifecycle in our products that serve millions of users daily. Youll also work closely with internal development teams to ensure our mobile games are designed and implemented securely.
Responsibilities:
Collaborate with the development teams to conduct design review, code review, and dynamic analysis.
Identify, communicate and drive the resolution of vulnerabilities.
Research and advocate for new security solutions and technologies.
Continue to drive early security evaluation by conducting iterative security testing.
Implement automated secure coding tools and processes (SAST, IAST) to review code as its written, promoted through the development lifecycle, and into production.
Operate as an incident responder for triage pertaining to web-based vulnerabilities.
Requirements:
3 years of proven experience with high-level code auditing on backend or relevant military service.
3 years of proven experience in AppSec research, including a deep understanding of major AppSec attacks, vulnerabilities and mitigations including SQL injection, Deserialization, RCE, etc or relevant military service.
Familiarity with a wide range of programming languages (Go, JavaScript, TypeScript, etc) and Software Development Life Cycle (SDLC).
Experience with cloud environments – specifically AWS and GCP – Advantage
Familiarity with a wide range of database types and architectures.
Found a high-severity vulnerability in a popular app – Advantage
Familiar with mobile application platforms and APIs like Google Play, App Store – Advantage.
3 years of proven experience with high-level code auditing on backend or relevant military service.
3 years of proven experience in AppSec research, including a deep understanding of major AppSec attacks, vulnerabilities and mitigations including SQL injection, Deserialization, RCE, etc or relevant military service.
Familiarity with a wide range of programming languages (Go, JavaScript, TypeScript, etc) and Software Development Life Cycle (SDLC).
Experience with cloud environments – specifically AWS and GCP – Advantage
Familiarity with a wide range of database types and architectures.
Found a high-severity vulnerability in a popular app – Advantage
Familiar with mobile application platforms and APIs like Google Play, App Store – Advantage.
This position is open to all candidates.