Senior Application Security Engineer

October 20

Apply Now

Receive Emails with Similar Jobs

Fortis Games

WebsiteLinkedInAll Job Openings

video games • games • gaming • social games • interactive entertainment

201 - 500

Description

• Own the Application Security technology stack and associated processes and procedures. • Help maintain our build & deployment processes. • Provide architectural guidance and leadership on best practices regarding security in software development, shared services, user interface design frameworks, high performance solutions, server-side development, integrations, tools and technologies. • Implement, tune, and help game teams understand the output from static and dynamic analysis tools. • Collaborate with engineers, consultants and leadership to address security risks and provide mitigation recommendations within the Secure Software Development Lifecycle (SSDLC). • Perform validation of security controls to ensure consistency with compliance and industry standard methodologies • Track project progress through project management software such as ClicklUp JIRA, Confluence and Google suite. • Build relationships with cross functional teams to execute projects on time and with high quality. • Perform audits and assessments to identify risk and create a remediation plan. • Define security test strategies for complex systems, identifying security vulnerabilities • Build reports and communicate security posture to all levels of the organization. • Detect and remedy related security issues such as OWASP top 10 • Manage multiple projects concurrently and maintain project & technology-level documentation.

Requirements

• Prior experience working on an Application Security team (experience at a mobile gaming organization a plus) • Expert knowledge with architecting and implementing security solutions into Secure Software Development Lifecycle (SSDLC) and CI/CD pipelines • Familiarity with building and architecting build & deploy processes, infrastructure-as-code (IaC), and CI/CD pipelines • Experience with multiple languages such as C#, Typescript, Javascript, etc. • Ability to understand business requirements and apply security without adversely affecting the desired functionality. • Experience analyzing critical parts of the codebase with the ability to define and review high risk code for vulnerabilities • Experience implementing, tuning and helping software teams understand the output from SCA, SAST, DAST tools • Understanding of international security and privacy requirements such as GDPR • Knowledge of automated attack tools and developing mitigation techniques • Firm understanding of enterprise class application architectures that are highly scalable and reliable and the expertise to secure them