Requisition Number: 152360

Position Title: Software Engineer I - Security

External Description:

The Security Engineer is a member of the Verification & Pentest team under the Game & Product Security Engineering group within EA's Information Security department.

As a Security Engineer, your primary job will be to discover vulnerabilities in EA’s games and gaming infrastructure. Your work will help protect our business data, our employee data, and most importantly, our customers.

The security assessments you perform will cover everything from web applications, to network infrastructure, to white-box and black-box reviews of thick clients and servers. In addition to identifying security issues, you’ll need to determine the business risk posed by the vulnerabilities you discover and be able to communicate your findings across teams to both technical and non-technical audiences. You will also assist in EA’s anti-cheating, anti-fraud, and anti-piracy efforts.

The ideal candidate has a deep understanding of security principals and a passion to learn new technologies, challenge assumptions, and find new ways to solve problems.

Focus Areas

• Conduct static and dynamic application security vulnerability research assessments on EA products running on PC, web, mobile, and consoles
• Perform network infrastructure security assessments on game servers and gaming infrastructure
• Advise and consult with EA staff to identify and reduce security risks
• Solve complex technical problems and articulate to both technical and non-technical partners
• Identify root causes for vulnerabilities (whether they be in design, in implementation, or in configuration) and recommend future preventative measures
• Teach, learn, and develop your skillset within the team

Requirements

• Bachelor’s degree or Master’s Degree in Computer Science or Information Security
• Fundamental understanding of CWE Top 25 and OWASP Top 10 vulnerabilities, and ability to discover these vulnerabilities in assessment targets
• Knowledge of operating systems internals for Windows, Linux, iOS, and Android
• Network infrastructure security knowledge for both traditional networks and cloud
• Ability to read and understand unfamiliar code and to identify new application security vulnerabilities in C++, Java, C#, and common scripting languages
• Experience with security assessment tools such as Burp Suite, Nessus, nmap, and Wireshark
• Software development experience and the ability to write your own tools and automation scripts
• Ability to find all instances of a given vulnerability in a product upon discovering a single instance of the vulnerability
• Excellent verbal and written English skills, interpersonal skills, and professionalism in dealing with all levels of management and staff
• Trustworthiness, as you will be trusted to handle sensitive assets

City:

State:

Community / Marketing Title: Security Engineer

Company Profile:

Electronic Arts Inc.は、インタラクティブ・エンターテイメント・ソフトウェアの世界的大手企業です。 EAは、インターネットに接続されたコンソール、パソコン、携帯電話、タブレットに対してゲーム、コンテンツおよびオンラインサービスを提供しています。

EEOText: EAは雇用機会を均等に提供します。 雇用に関する決定を下す際は、人種、肌の色、国籍、出身国、出身民族、身体的性別、社会/文化/心理的性別、性別自認または性別表現、性的指向、年齢、遺伝情報、宗教、身体障害、病状、妊娠、婚姻状況、家族状況、軍役経験の有無、および法律で保護されたその他のあらゆる状況は考慮されません。 また、犯罪歴のある人物の雇用も、募集要項を満たす応募者の場合は適用法令に従って検討します。 さらにEAでは、身体に障害のある方々のために、適用法令によって定められた職場環境を整えることも行っています。

Days Open: 148

Can this position be remote?:

EEO Employer Verbiage:

EAは雇用機会を均等に提供します。 雇用に関する決定を下す際は、人種、肌の色、国籍、出身国、出身民族、身体的性別、社会/文化/心理的性別、性別自認または性別表現、性的指向、年齢、遺伝情報、宗教、身体障害、病状、妊娠、婚姻状況、家族状況、軍役経験の有無は考慮されません。 さらにEAでは、身体に障害のある方々のために、適用法令によって定められた職場環境を整えることも行っています。