Requisition Number: 152360

Position Title: Software Engineer I - Security

External Description:

The Security Engineer is a member of the Verification & Pentest team under the Game & Product Security Engineering group within EA's Information Security department.

As a Security Engineer, your primary job will be to discover vulnerabilities in EA’s games and gaming infrastructure. Your work will help protect our business data, our employee data, and most importantly, our customers.

The security assessments you perform will cover everything from web applications, to network infrastructure, to white-box and black-box reviews of thick clients and servers. In addition to identifying security issues, you’ll need to determine the business risk posed by the vulnerabilities you discover and be able to communicate your findings across teams to both technical and non-technical audiences. You will also assist in EA’s anti-cheating, anti-fraud, and anti-piracy efforts.

The ideal candidate has a deep understanding of security principals and a passion to learn new technologies, challenge assumptions, and find new ways to solve problems.

Focus Areas

• Conduct static and dynamic application security vulnerability research assessments on EA products running on PC, web, mobile, and consoles
• Perform network infrastructure security assessments on game servers and gaming infrastructure
• Advise and consult with EA staff to identify and reduce security risks
• Solve complex technical problems and articulate to both technical and non-technical partners
• Identify root causes for vulnerabilities (whether they be in design, in implementation, or in configuration) and recommend future preventative measures
• Teach, learn, and develop your skillset within the team

Requirements

• Bachelor’s degree or Master’s Degree in Computer Science or Information Security
• Fundamental understanding of CWE Top 25 and OWASP Top 10 vulnerabilities, and ability to discover these vulnerabilities in assessment targets
• Knowledge of operating systems internals for Windows, Linux, iOS, and Android
• Network infrastructure security knowledge for both traditional networks and cloud
• Ability to read and understand unfamiliar code and to identify new application security vulnerabilities in C++, Java, C#, and common scripting languages
• Experience with security assessment tools such as Burp Suite, Nessus, nmap, and Wireshark
• Software development experience and the ability to write your own tools and automation scripts
• Ability to find all instances of a given vulnerability in a product upon discovering a single instance of the vulnerability
• Excellent verbal and written English skills, interpersonal skills, and professionalism in dealing with all levels of management and staff
• Trustworthiness, as you will be trusted to handle sensitive assets

City:

State:

Community / Marketing Title: Security Engineer

Company Profile:

Electronic Arts Inc.는 세계를 선도하는 인터랙티브 엔터테인먼트 소프트웨어 기업입니다. EA는 인터넷 콘솔, 개인용 컴퓨터, 휴대전화, 태블릿용 게임과 콘텐츠 및 온라인 서비스를 제공합니다.

EEOText: EA는 균등한 기회의 제공을 실천합니다. 모든 채용은 인종, 피부색, 출신 국가, 혈통, 생물학적/사회적 성별, 성 정체성 또는 표현, 성적 성향, 나이, 유전 정보, 종교, 장애 여부, 질병 유무, 임신 여부, 혼인 상태, 가족 상황, 군 복무 여부, 또는 법으로 금지된 기타 요인을 고려하지 않고 결정됩니다. 또한, 해당 직책에 합당한 능력을 갖추고 있다면 범죄 기록이 있는 지원자도 관련 법률을 준수하는 방식으로 채용 여부를 고려합니다. EA는 관련 법률에서 명시하는 대로 업무 공간에 장애가 있는 입사 지원자 또는 예정자를 위한 시설을 마련해두고 있습니다.

Days Open: 148

Can this position be remote?:

EEO Employer Verbiage:

EA는 균등한 기회의 제공을 실천합니다. 모든 채용은 인종, 피부색, 출신 국가, 혈통, 생물학적/사회적 성별, 성 정체성 또는 표현, 성적 성향, 나이, 유전 정보, 종교, 장애 여부, 질병 유무, 임신 여부, 혼인 상태, 가족 상황, 군 복무 여부 등의 요인을 고려하지 않고 결정됩니다. EA는 관련 법률에서 명시하는 대로 업무 공간에 장애가 있는 입사 지원자 또는 예정자를 위한 시설을 마련해두고 있습니다.