backgo to search

middle application security engineer for video game company

bullets
Security.EngineeringApplication Security, Code Review Process, DAST (Dynamic application security testing), SAST (Static Application Security Testing), Security Testing, Threat Modeling
bullets
Kazakhstan, Georgia

Currently, we are looking for a remote Middle Application Security Engineer with 2+ years of experience in Information Security principles, technology, and control processes to join our team.

The customer is an American video game and software developer and publisher, developing commercially available game engines which also powers their internally developed video games.

responsibilities
  • Application Security Assessments - Define and update an application security methodology and perform assessments across internal, external applications
    • Secure Coding - Keep Web development teams apprised of secure coding best practices, and assist with static/dynamic code analysis
      • Assist in the design, creation, testing, documentation, deployment and maintenance of new automation, capabilities and Security services for the InfoSec team ​
        • Stay abreast of internal Epic applications and their security posture
          • Blue Team Cross Training - Remains abreast of Application Security threats and defines and develops InfoSec training on web-based exploits/tools and corresponding mitigation techniques
            requirements
            • 2+ years experience of Information Security principles, technology, and control processes
              • 2+ years of development experience building systems in languages such as Python, C++, Golang/Rust
                • Experience in design review and threat modeling
                  • Experience with providing security services as part of an SDLC
                    • Experience with Secure Coding and AppSec frameworks (OWASP Guide, SANS CWE Top 25, CERT Secure Coding)
                      • Experience working with and setting up services on AWS infrastructure
                        • Understand and be able to apply concepts such as algorithms, data structures, OOO design, databases
                          • The ability to work with a team, building complex solutions is a plus
                            • Knowledge of how to work with CI/CD systems is also a plus
                              • Knowledge of Docker and Terraform is also a plus
                                • CEH and Offensive Security Certification (OSCP, GPEN, or GWAPT)
                                  • Excellent oral and written communication skills, including report writing and technical documentation
                                    • English level proficiency B1

                                      benefits for locations

                                      location.svg

                                      For you

                                      • Paid time off
                                      • Paid sick leave days
                                      • Medical insurance
                                      • Stable income

                                      For your comfortable work

                                      • 100% remote work forever
                                      • Free licensed software
                                      • Possibility to work on your own device (BYOD)
                                      • Stable workload
                                      • Relocation opportunities
                                      • Flexible engagement models

                                      For your growth

                                      • Free trainings for technical and soft skills
                                      • Free access to LinkedIn Learning platform
                                      • Language courses
                                      • Free access to internal and external e-Libraries
                                      • Certification opportunities
                                      • Skill advisory service
                                      subscribe to EPAM Anywhere vacancies!Hundreds of open jobs for Software Engineers, QA, DevOps, Business Analysts and other tech professionals
                                      Girl in front of laptop

                                      looking for something else?

                                      Find a vacancy that works for you. Send us your CV to receive a personalized offer.