Senior Security Engineer

Electronic Arts   •  

Austin, TX

Not Specified years

Posted 238 days ago

This job is no longer available.

Main focuses for this role: 

  • Conduct static and dynamic application security analyses on a multitude of product platforms: PC, web, mobile, and consoles 
  • Perform network infrastructuresecurity assessments on game servers and gaming infrastructure 
  • Advise and consult with EA staff to identify and reduce security risks 
  • Solve complex technical problems and articulate to both technical and non-technical partners 
  • Identify root causes for vulnerabilities (whether they be in design, in implementation, or in configuration) and recommend future preventative measures 
  • Teach, learn, and develop your skillset within the team 
  • Research and develop security assessment tools, techniques, and process improvements 
  • Handling sensitive assets 


Required skills and experience: 

  • Extensive experience in application security 
  • Fundamental understanding of CWE Top 25 and OWASP Top 10 vulnerabilities, and ability to discover these vulnerabilities in assessment targets 
  • Knowledge of operating systems internals for Windows, Linux, iOS, and Android 
  • Networkinfrastructuresecurity knowledge for both traditional networks and cloud 
  • Ability to read and understand unfamiliar code and to identify new security vulnerabilities in C++, Java, C#, and common scriptinglanguages 
  • Experience with security assessment tools such as Burp Suite, Nessus, nmap, Qualys, and Wireshark
  • SW development experience to write your own tools and automation scripts
  • Excellent verbal and written English skills, interpersonal skills, and professionalism in dealing with all levels of management and staff 


Additional desired skills and experience: 

  • Bachelor's degree or Master's Degree in Computer Science or Information Security 
  • Information Security certifications such as CEH, CISSP, GSEC, OSCP, Security+ 
  • Experience with reverse engineering tools such as IDA Pro, OllyDbg, and Windbg 
  • Previously published CVEs, security tools and whitepapers 
  • Experience delivering talks at security conferences 
  • Experience creating and delivering security training courses 
  • Red Teaming experience