Attack Emulation Lead

Requisition Number: 156412

Position Title: Sr Software Engineer I - Security

External Description:

Attack Emulation Lead

Location Information: Guildford

We’re EA—the world’s largest video game publisher. You’re probably familiar with many of our titles—Jedi The Fallen Order, The Sims, Apex Legends, Star Wars Battlefront II, Madden, FIFA, Need for Speed, to name a few. But maybe you don’t know the kind of challenges that you, as a security professional, would be exposed to in a game company - security challenges that are unique to our world.  What does that mean for you? It means more opportunities to unleash your creative genius, be inspired by those around you and ignite your path in any direction you choose.

Summary

Attack Emulation Lead position is a highly technical hands on role that plays a pivotal role in security risk management across EA. The mission of this role includes, but is not limited to, emulating advanced persistent threat (APT) tactics, techniques and procedures (TTPs) and other cyber attackers to test security detections and visibility, supporting incident response operations with offensive activities to help preempt an attackers next moves, running counter intelligence and deception technical operations against adversarial groups, developing bespoke malware and customizing existing malware to mimic adversary capabilities, malware reverse engineering to derive indicators of compromise that can then be pivoted on during hunting activities, technical security research to get ahead of the attackers and dealing with external partners and interfaces to collaborate on intelligence.

This role reports into the Threat Intelligence Unit as part of Attack Labs and maintains strong relations with all Global Security Incident Response groups. This person will work closely with several key individuals and teams including IR Operations, IR Engineering, Red team and Video Game Studios to perform attack emulation and incident response duties in line with the latest adversarial TTPs.

The Attack Emulation lead must have an excellent working knowledge of all aspects of offensive thinking/planning, malware reverse engineering, penetration testing, intelligence analysis, tool/exploit development, networking, operating systems and technical architectures. The successful candidate will also possess strong written and verbal communication skills as customer facing and teaming skills will be used daily.

 

Primary Responsibilities

• Respond to emerging threats such as APT and other forms of targeted attacks, organised crime, etc.
• Plan and conduct attacks on internally or externally hosted applications and infrastructure on a global scale with an emphasis on testing the effectiveness of detections and visibility.
• Design and develop scripts, frameworks, tools and the methods required for facilitating and executing complex attacks and emulating adversarial TTPs.
• Malware analysis and malware reverse engineering to extract indicators of compromise to be used to support testing and hunting activities.
• Active participation in attack analysis duties as part of security incident response. This allows this team to remain abreast of the latest adversary TTPs.
• Assemble and coordinate with the IR Ops and other teams at EA to resolve security incidents as quickly and efficiently as possible.
• Bespoke development of malware/rootkits and customization of existing malware to emulate adversarial capabilities.
• Communicate status of missions and hunting activities to EA Security leadership and studio leadership.
• Ensure effective knowledge management of findings and review results of any attack campaign in order to determine severity of findings and identify potential remediation or mitigation strategies.
• In-depth research of the latest adversarial TTPs and technologies to remain at the bleeding edge.
• Mentor and train more junior staff in attack techniques, tool/exploit development, intelligence analysis and adversarial tactics.
• Communicate effectively with representatives of the Lines of Business, technology specialists, and vendors.

 

Skills, Knowledge, and Abilities

The ideal candidate will have the following skills and experience:

• Professional level understanding and experience of intrusions analysis and security incident response.
• Strong malware analysis, reverse engineering and malware development skills.
• Strong experience/knowledge in at least 3 of the following (and knowledge of remainder):
• Web Penetration Testing (injection, XSS, validation, session mgmt, web services etc.;
• Database (Oracle, MSSQL, and MySQL: hosting, configuration, etc.);
• Network (protocols, traffic analysis, wireless, etc.);
• Operating System (UNIX, Solaris, Linux, Mac, Windows: configuration, file system, etc.);
• Development (coding, scripting, SQL, computer architecture, exploit writing, code analysis);
• Application Analysis (fuzzing, reverse engineering, disassembling (IDA, OllyDbg);
• Crypto (password cracking, encryption, algorithm analysis).
• Problem solving to learn new technical and non-technical analysis techniques to overcome problems.

City:

State:

Community / Marketing Title: Attack Emulation Lead

Company Profile:

Nous sommes une équipe internationale de spécialistes de la création, de la narration, de la technologie, de la génération d’expériences, de l’innovation et bien plus encore. Nous pensons que nos équipes doivent être aussi diversifiées que nos communautés afin de créer des jeux et des expériences inoubliables. Chez Electronic Arts, la seule limite est votre imagination.

EEOText: EA est un employeur qui offre l'égalité d'accès à l'emploi. Toutes les décisions d'emploi sont prises sans prendre en considération les critères de race, couleur de la peau, origine ethnique, descendance, sexe, genre, identité ou expressions de genre, orientation sexuelle, âge, de nature génétique, religion, invalidité, état de santé, grossesse, situation matrimoniale, situation familiale ou état d'ancien combattant. EA veille aussi à procéder à des aménagements spéciaux en milieu de travail pour les candidats qualifiés et présentant une invalidité, tel que requis par la loi en vigueur.

Days Open: 38

Can this position be remote?:

EEO Employer Verbiage:

À propos d'Electronic Arts

Toutes nos actions sont tendues vers le même objectif : transmettre l'envie de jouer. Au travers de nos jeux innovants, de nos services novateurs et de nos technologies de pointe, nous offrons des possibilités infinies à des millions de fans dans le monde entier.

 

Nous cherchons des personnes inclusives et collaboratives aux points de vue variés pour enrichir notre culture et nous stimuler. Grâce à notre programme d’avantages sociaux, nous adoptons une approche holistique centrée sur le bien-être physique, émotionnel, financier, professionnel et communautaire pour soutenir les membres de notre personnel à chaque chapitre de leur vie. Nous fournissons un ensemble complet d’avantages sociaux garantissant une vie équilibrée et offrant notamment des congés payés, des congés parentaux, des jeux gratuits et bien plus encore. Notre objectif est de fournir un environnement de travail sûr et bienveillant qui vous permet de vous épanouir sur le plan personnel comme sur le plan professionnel.

 

Electronic Arts souscrit au principe de l’égalité des chances. Nous prenons nos décisions en matière d’emploi sans distinction de race, de couleur, de pays d’origine, d’hérédité, de sexe, de genre, d’identité ou d’expression de genre, d’orientation sexuelle, d’âge, d’informations génétiques, de religion, de handicap, d’état de santé, de grossesse, de situation familiale, d’ancienneté ou de tout autre facteur protégé par la loi. Nous étudions également les candidatures des personnes qualifiées possédant un casier judiciaire, conformément à la loi en vigueur. Par ailleurs, EA aménage l’environnement de travail pour les personnes en situation de handicap, conformément à la loi en vigueur.