Senior Application Security Engineer
Careers Category: IT, Development Operations & Security
Careers location: Remote, US; Remote, Canada
Connected Worker Type: Offsite
Requisition Id: R_Z-P208135
We are currently seeking a Senior Application Security Engineer to join our Product Security team. The team assesses, enables and influences the secure design, development, operation and usage of games, while also providing Offensive Security and Penetration testing capabilities. This individual will assess the security of gaming applications by analyzing their codebase, identifying vulnerabilities through reverse engineering, and evaluating the effectiveness of security controls implemented on mobile gaming apps to ensure player data and interactions remain secure and protected. The right candidate for this position has the technical knowledge and experience performing network and application penetration testing (both in code and live applications) in a fast-paced and agile environment.
MAIN RESPONSIBILITIES
- Conduct thorough penetration tests on applications, systems, and networks to identify vulnerabilities.
- Strong knowledge and experience with software engineering, native mobile applications, web services, APIs and Cloud environments.
- Plan and deliver red team exercises to emulate attacks and identify areas of risk within our defences.
- Perform in-depth assessments of mobile app security architecture across platforms (iOS, Android, Nintendo, Steam and more).
- Assess the security of APIs by analyzing authentication, authorization mechanisms, input validation, and potential vulnerabilities.
- Highly articulate and able to craft comprehensive and clear reports and research to present to engineers and leadership.
- Perform reverse engineering and threat modeling of mobile application products and/or source code reviews (manual and SAST code audits) as needed.
- Stay up-to-date with the latest research on threats, attack vectors, and security trends and be ready to apply them in our environment.
- Mentor teammates, contributing to an innovative environment of technical excellence.
- Engage in continuous learning and research to improve your skills and contribute to the team's knowledge base.
DESIRED SKILLS AND EXPERIENCE
- 6-8 years of proven experience in pen-testing, vulnerability assessment, and red teaming.
- Experience with secure coding practices, code review, and familiarity with programming languages commonly used in game development, e.g. C, C++, C#, Go, Python, PHP, Obj-C/Swift, Linux and OSX.
- Solid understanding of reverse engineering tools and techniques.
- Proficiency in assessing mobile applications for security vulnerabilities.
- Experience with API security testing and assessment.
- Familiarity with gaming-related security challenges and solutions is desirable.
- A good rank in well-known bug bounty platforms is a plus.
- Proven experience with tool development and security automation will be a strong plus.
- Excellent problem-solving and critical-thinking skills.
- Strong written and verbal communication skills for crafting clear and effective reports.
- Ability to work independently and effectively in a fast-paced environment with changing priorities.
- Ethical attitude with a dedication to maintaining the highest standards of integrity and professionalism.
Join the team and play a pivotal role in securing our systems, applications, and networks against evolving cyber threats. If you're passionate about hacking for good and want to make a meaningful impact, we encourage you to apply.
WHAT WE OFFER YOU
- Competitive salary, bonus plan and ESPP (Employee Stock Purchase Plan)
- 401K Company Match Contribution (US)
- RRSP/DPSP company match contribution (Canada)
- Health coverage, dental, disability, critical illness, EAP, and life insurance (Canada)
- Medical, dental, vision, EAP, life insurance, and disability benefits (US)
- Virtual mental health and neurodiversity support programs
- Global Fitness reimbursement program
- Global Wellbeing Program
- Financial wellness program with unlimited access to certified financial planners
- Discretionary Time Off policy for many employees
- Family planning support program
- Generous paid parental, pregnancy-related disability, caregiver, and compassionate leaves
- Subsidized Back-up child care
- Zynga happy hours and frequent employee events
- Flexible working hours on many teams
- Culture of diversity and inclusion including employee resource groups
- Work with cool people and impact millions of daily players
We are an equal opportunity employer and we are committed to building a diverse and talented workforce. We do not discriminate on the basis of race, sex, religion, colour, national origin, gender, gender identity, sexual orientation, age, marital status, veteran status, medical condition, disability, or any other class or characteristic protected by applicable law. We welcome job-seekers, players, employees, and partners from all backgrounds to join us!
We will consider all qualified job-seekers with criminal histories in a manner consistent with applicable law.
We are committed to providing reasonable accommodations to qualified individuals with physical or mental disabilities in order to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us at AccommodationRequest@zynga.com to request an accommodation associated with your application for an open position.
The pay range for this position in New York City at the start of employment is expected to be between $100,000 and $160,000 per year.
The pay range for this position in California at the start of employment is expected to be between $110,000 and $170,000 per year.
This is a fully remote role that may be based anywhere in the United States. The pay range for this position for applicants based in Colorado at the start of employment is expected to be between $85,000 and $125,000 per year.
However, base pay offered is based on market location, and may vary further depending on individualized factors for job candidates, such as job-related knowledge, skills, experience, and other objective business considerations. Subject to those same considerations, the total compensation package for this position may also include other elements, including a bonus and/or equity awards, in addition to a full range of medical, financial, and/or other benefits. Details of participation in these benefit plans will be provided if an employee receives an offer of employment. If hired, employee will be in an “at-will position” and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation or benefit program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors.
Zynga does not engage in financial exchanges during the recruitment or onboarding process. We do not conduct job interviews over third-party messaging apps such as Telegram, WhatsApp or others. We will never ask you for your personal or financial information over unofficial chat channels. Our in-house recruitment team only contacts individuals via official company email addresses (i.e., via a zynga.com or naturalmotion.com email domain).
If you believe you have been the victim of a scam, you may wish to contact the authorities. In the United States, you may file a complaint with the FBI. More information is available here: https://www.ic3.gov.