Attack Emulation Lead

Requisition Number: 156412

Position Title: Sr Software Engineer I - Security

External Description:

Attack Emulation Lead

Location Information: Guildford

We’re EA—the world’s largest video game publisher. You’re probably familiar with many of our titles—Jedi The Fallen Order, The Sims, Apex Legends, Star Wars Battlefront II, Madden, FIFA, Need for Speed, to name a few. But maybe you don’t know the kind of challenges that you, as a security professional, would be exposed to in a game company - security challenges that are unique to our world.  What does that mean for you? It means more opportunities to unleash your creative genius, be inspired by those around you and ignite your path in any direction you choose.

Summary

Attack Emulation Lead position is a highly technical hands on role that plays a pivotal role in security risk management across EA. The mission of this role includes, but is not limited to, emulating advanced persistent threat (APT) tactics, techniques and procedures (TTPs) and other cyber attackers to test security detections and visibility, supporting incident response operations with offensive activities to help preempt an attackers next moves, running counter intelligence and deception technical operations against adversarial groups, developing bespoke malware and customizing existing malware to mimic adversary capabilities, malware reverse engineering to derive indicators of compromise that can then be pivoted on during hunting activities, technical security research to get ahead of the attackers and dealing with external partners and interfaces to collaborate on intelligence.

This role reports into the Threat Intelligence Unit as part of Attack Labs and maintains strong relations with all Global Security Incident Response groups. This person will work closely with several key individuals and teams including IR Operations, IR Engineering, Red team and Video Game Studios to perform attack emulation and incident response duties in line with the latest adversarial TTPs.

The Attack Emulation lead must have an excellent working knowledge of all aspects of offensive thinking/planning, malware reverse engineering, penetration testing, intelligence analysis, tool/exploit development, networking, operating systems and technical architectures. The successful candidate will also possess strong written and verbal communication skills as customer facing and teaming skills will be used daily.

 

Primary Responsibilities

• Respond to emerging threats such as APT and other forms of targeted attacks, organised crime, etc.
• Plan and conduct attacks on internally or externally hosted applications and infrastructure on a global scale with an emphasis on testing the effectiveness of detections and visibility.
• Design and develop scripts, frameworks, tools and the methods required for facilitating and executing complex attacks and emulating adversarial TTPs.
• Malware analysis and malware reverse engineering to extract indicators of compromise to be used to support testing and hunting activities.
• Active participation in attack analysis duties as part of security incident response. This allows this team to remain abreast of the latest adversary TTPs.
• Assemble and coordinate with the IR Ops and other teams at EA to resolve security incidents as quickly and efficiently as possible.
• Bespoke development of malware/rootkits and customization of existing malware to emulate adversarial capabilities.
• Communicate status of missions and hunting activities to EA Security leadership and studio leadership.
• Ensure effective knowledge management of findings and review results of any attack campaign in order to determine severity of findings and identify potential remediation or mitigation strategies.
• In-depth research of the latest adversarial TTPs and technologies to remain at the bleeding edge.
• Mentor and train more junior staff in attack techniques, tool/exploit development, intelligence analysis and adversarial tactics.
• Communicate effectively with representatives of the Lines of Business, technology specialists, and vendors.

 

Skills, Knowledge, and Abilities

The ideal candidate will have the following skills and experience:

• Professional level understanding and experience of intrusions analysis and security incident response.
• Strong malware analysis, reverse engineering and malware development skills.
• Strong experience/knowledge in at least 3 of the following (and knowledge of remainder):
• Web Penetration Testing (injection, XSS, validation, session mgmt, web services etc.;
• Database (Oracle, MSSQL, and MySQL: hosting, configuration, etc.);
• Network (protocols, traffic analysis, wireless, etc.);
• Operating System (UNIX, Solaris, Linux, Mac, Windows: configuration, file system, etc.);
• Development (coding, scripting, SQL, computer architecture, exploit writing, code analysis);
• Application Analysis (fuzzing, reverse engineering, disassembling (IDA, OllyDbg);
• Crypto (password cracking, encryption, algorithm analysis).
• Problem solving to learn new technical and non-technical analysis techniques to overcome problems.

City:

State:

Community / Marketing Title: Attack Emulation Lead

Company Profile:

Electronic Arts Inc. är ett globalt ledande mjukvaruföretag för interaktiv underhållning. EA levererar spel, innehåll och onlinetjänster för internetuppkopplade spelkonsoler, persondatorer, mobiltelefoner och surfplattor.

EEOText: EA är en arbetsgivare som är för likabehandlande. Alla anställningsbeslut görs utan hänsyn till ras, färg, ursprung, anor, kön, könsidentitet eller -uttryck, sexuell läggning, ålder, genetisk information, religion, funktionshinder, sjukdomstillstånd, graviditet, civilstånd, familjestatus eller veteranstatus. EA gör också arbetsplatsen tillgänglig på det sätt som krävs för kvalificerade personer med funktionshinder, enligt gällande lagar.

Days Open: 38

Can this position be remote?:

EEO Employer Verbiage:

Om EA

På Electronic Arts är vårt mål att inspirera världen till att spela. Vi skapar fantastiska nya spelupplevelser för miljontals spelare världen över genom att sammanföra talangfulla människor som kombinerar kreativitet, innovation och passion. Vi vet att vår mångfald är vår styrka. Vi skapar en inkluderande kultur för våra anställda och ger dem möjligheter att lära sig nya saker och vägleda andra anställda så de kan utföra sitt livs viktigaste och mest givande arbete.

Vi sätter våra anställda i första rummet. Vi erbjuder omfattande förmånspaket med fokus på hälsa och välstånd för att möta dina behov och hjälpa dig få en bra balans mellan karriären och privatlivet. Vi erbjuder dynamiska och samarbetsinriktade arbetsmiljöer, möjlighet att samverka via våra resursgrupper och hjälp med ett balanserat liv genom betald ledighet, föräldraledighet, gratis spel och mycket mer!

Electronic Arts är en arbetsgivare med lika möjligheter. Alla anställningsbeslut görs utan hänsyn till ras, färg, ursprung, anor, kön, könsidentitet eller -uttryck, sexuell läggning, ålder, genetisk information, religion, funktionshinder, sjukdomstillstånd, graviditet, civilstånd, familjestatus, veteranstatus eller annan karakteristik som skyddas av lagen. Electronic Arts gör också arbetsplatsen tillgänglig på det sätt som krävs för kvalificerade personer med funktionshinder, enligt gällande lagar.