Remote Middle Application Security Engineer position | EPAM Anywhere
Back icon

Middle Application Security Engineer for Video Game Company

Middle Application Security Engineer for Video Game Company 40 hrs/week, 12+ months

Currently, we are looking for a remote Middle Application Security Engineer with 2+ years of experience in Information Security principles, technology, and control processes to join our team.

The customer is an American video game and software developer and publisher, developing commercially available game engines which also powers their internally developed video games.

Responsibilities

  • Application Security Assessments - Define and update an application security methodology and perform assessments across internal, external applications
    • Secure Coding - Keep Web development teams apprised of secure coding best practices, and assist with static/dynamic code analysis
      • Assist in the design, creation, testing, documentation, deployment and maintenance of new automation, capabilities and Security services for the InfoSec team ​
        • Stay abreast of internal Epic applications and their security posture
          • Blue Team Cross Training - Remains abreast of Application Security threats and defines and develops InfoSec training on web-based exploits/tools and corresponding mitigation techniques

            Requirements

            • 2+ years experience of Information Security principles, technology, and control processes
              • 2+ years of development experience building systems in languages such as Python, C++, Golang/Rust
                • Experience in design review and threat modeling
                  • Experience with providing security services as part of an SDLC
                    • Experience with Secure Coding and AppSec frameworks (OWASP Guide, SANS CWE Top 25, CERT Secure Coding)
                      • Experience working with and setting up services on AWS infrastructure
                        • Understand and be able to apply concepts such as algorithms, data structures, OOO design, databases
                          • The ability to work with a team, building complex solutions is a plus
                            • Knowledge of how to work with CI/CD systems is also a plus
                              • Knowledge of Docker and Terraform is also a plus
                                • CEH and Offensive Security Certification (OSCP, GPEN, or GWAPT)
                                  • Excellent oral and written communication skills, including report writing and technical documentation
                                    Security.Engineering
                                    Application Security
                                    Code Review Process
                                    DAST (Dynamic application security testing)
                                    SAST (Static Application Security Testing)
                                    Security Testing
                                    Threat Modeling

                                    Benefits in eligible locations

                                    location.svg
                                    ImageImage

                                    For you

                                    • Prepaid Medicine with Colsanitas for you and your legal dependents 
                                    • MetLife Life Insurance for you 
                                    • Thousands of projects for top brands
                                    • Stable income
                                    ImageImage

                                    For your comfortable work

                                    • 100% remote work forever
                                    • Free licensed software
                                    • Possibility to work on your own device (BYOD)
                                    • Stable workload
                                    • Relocation opportunities
                                    • Flexible engagement models
                                    ImageImage

                                    For your growth

                                    • Free trainings for technical and soft skills
                                    • Free access to LinkedIn Learning platform
                                    • Support from a personal Skill Advisor
                                    • Language courses
                                    • Free access to internal and external e-Libraries
                                    • Access to internal communities and competency centers
                                    • Certification opportunities

                                    40 hrs/week

                                    Hours per week

                                    12+ months

                                    Project length

                                    Colombia, Mexico

                                    Locations eligible for the position