Requisition Number: 152360

Position Title: Software Engineer I - Security

External Description:

The Security Engineer is a member of the Verification & Pentest team under the Game & Product Security Engineering group within EA's Information Security department.

As a Security Engineer, your primary job will be to discover vulnerabilities in EA’s games and gaming infrastructure. Your work will help protect our business data, our employee data, and most importantly, our customers.

The security assessments you perform will cover everything from web applications, to network infrastructure, to white-box and black-box reviews of thick clients and servers. In addition to identifying security issues, you’ll need to determine the business risk posed by the vulnerabilities you discover and be able to communicate your findings across teams to both technical and non-technical audiences. You will also assist in EA’s anti-cheating, anti-fraud, and anti-piracy efforts.

The ideal candidate has a deep understanding of security principals and a passion to learn new technologies, challenge assumptions, and find new ways to solve problems.

Focus Areas

• Conduct static and dynamic application security vulnerability research assessments on EA products running on PC, web, mobile, and consoles
• Perform network infrastructure security assessments on game servers and gaming infrastructure
• Advise and consult with EA staff to identify and reduce security risks
• Solve complex technical problems and articulate to both technical and non-technical partners
• Identify root causes for vulnerabilities (whether they be in design, in implementation, or in configuration) and recommend future preventative measures
• Teach, learn, and develop your skillset within the team

Requirements

• Bachelor’s degree or Master’s Degree in Computer Science or Information Security
• Fundamental understanding of CWE Top 25 and OWASP Top 10 vulnerabilities, and ability to discover these vulnerabilities in assessment targets
• Knowledge of operating systems internals for Windows, Linux, iOS, and Android
• Network infrastructure security knowledge for both traditional networks and cloud
• Ability to read and understand unfamiliar code and to identify new application security vulnerabilities in C++, Java, C#, and common scripting languages
• Experience with security assessment tools such as Burp Suite, Nessus, nmap, and Wireshark
• Software development experience and the ability to write your own tools and automation scripts
• Ability to find all instances of a given vulnerability in a product upon discovering a single instance of the vulnerability
• Excellent verbal and written English skills, interpersonal skills, and professionalism in dealing with all levels of management and staff
• Trustworthiness, as you will be trusted to handle sensitive assets

City:

State:

Community / Marketing Title: Security Engineer

Company Profile:

Electronic Arts Inc. 是全球领先的互动娱乐软件公司。 EA 提供适用于联网主机、个人电脑、手机和平板电脑的游戏、内容和在线服务。

EEOText: EA 是一个奉行机会均等的雇主。 所有招聘决定均不考虑种族、肤色、国籍、血统、生理性别、社会性别、性别认同或表达、性向、年龄、遗传信息、宗教信仰、残障状况、医疗状况、怀孕状况、婚姻状况、家庭状况、退伍军人身份或其他任何受法律保护的特征等因素的影响。 我们也会遵照相关法律，考虑雇佣带犯罪记录的合格申请者。 EA 还会遵照相关法律，为符合条件的残障个体改善工作环境。

Days Open: 148

Can this position be remote?:

EEO Employer Verbiage:

EA 是一个奉行机会均等的雇主。 所有招聘决定均不考虑种族、肤色、国籍、血统、生理性别、社会性别、性别认同或表达、性向、年龄、遗传信息、宗教信仰、残障状况、医疗状况、怀孕状况、婚姻状况、家庭状况或退伍军人身份等因素的影响。 EA 还会遵照相关法律，为符合条件的残障个体改善工作环境。