Lead Security Engineer
Multiple Locations: Virginia, United States • Vancouver, British Columbia, Canada • Austin, Texas, United States
Requisition Number: 166145
Position Title: Sr Software Engineer I - Security
LEAD SECURITY ENGINEER
The EA Security team protects EA by reducing our exposure to security risks by raising awareness and providing a measured, proportionate set of security and risk management controls, services and solutions. This department also ensures that EA is meeting required security standards as defined by a variety of different regulatory bodies.
The Lead Security Engineer is a member of the Verification & Pentest (VAP) team under the Security Platform Engineering and Anti-Cheat Response (SPEAR) group within the EA Security department. You will report directly to the manager of the VAP team.
As a Lead Security Engineer, you will discover vulnerabilities in EA's games and gaming infrastructure. Your work will help protect our data and most importantly, our customers.
The security assessments you perform will cover everything from web applications, to network infrastructure, to thick clients and servers. In addition to identifying security issues, you'll need to determine the risk and business ramifications posed by the vulnerabilities you discover and explain your findings across teams.
You'll bring an understanding of security principles and a passion to learn new technologies, challenge assumptions, and introduce new techniques.
- Use architecture and design documentation and an understanding of the interactions between EA products to create security assessment scoping documents
- Develop a broad and deep technical understanding of EA products, services and architectures, using that understanding to perform in-depth reviews
- Identify systemic vulnerability trends and patterns, and propose and engage product teams at a senior level to address these issues at EA
- Correctly rate the security impact of discovered vulnerabilities and articulate effective remediation steps to product teams
- Drive remediation of vulnerabilities by engaging leadership of product teams
- Give presentations at internal and external security conferences
- Propose and help develop educational materials to raise security IQ across EA
- Participate and contribute in strategic conversations at the SPEAR management level
- Conduct full interviews & offer feedback on VAP strategy
- Identify and distill external research, to improve knowledge across EA Security
- At least eight years hands-on experience of full stack Application Security reviews that span multiple platforms and programming languages.
- In-depth experience with security assessment tools and understanding of their applicability and limitations in different assessment scenarios.
- Expertise in multiple of the following domains and knowledge in the remaining domains: Networking, OS Internals, Cloud Architecture, Web frameworks or Mobile Architecture
- Knowledge of best practices and common pitfalls in multiple of: cryptography, authentication mechanisms, authorization controls and DevSecOps
- Knowledge of all of the following exploitation techniques with expertise in multiple: XSS, SQLi, IDOR, MitM, DoS, BOF, or ROP
- Experience extrapolating observed instances of vulnerabilities into discussions of wider impacts and trends at an organizational level.
- Excellent verbal and written English skills, interpersonal skills, and professionalism
- Experience delivering talks at internal and external security conferences and gaming conferences
Community / Marketing Title: Lead Security Engineer
Electronic Arts Inc. is a leading global interactive entertainment software company. EA delivers games, content and online services for Internet-connected consoles, personal computers, mobile phones and tablets.
EEOText: About EA At Electronic Arts, we exist to Inspire the World to Play. We create extraordinary new game experiences for our millions of players everywhere by bringing together talented people that combine creativity, innovation, and passion. We know that our strength lies in the diversity of our people. We immerse our employees into an inclusive culture, and provide opportunities for learning and leading that allow them to do the most impactful and rewarding work of their careers. We put our people first. We provide comprehensive benefit packages with a focus on health and wellbeing to support your needs and help you balance your career and personal life. We provide access to dynamic and collaborative work environments, opportunities to connect and contribute through our Employee Resource Groups, and support for a balanced life with paid time off and new parent leave, plus free video games and so much more! Electronic Arts is an equal opportunity employer. All employment decisions are made without regard to race, color, national origin, ancestry, sex, gender, gender identity or expression, sexual orientation, age, genetic information, religion, disability, medical condition, pregnancy, marital status, family status, veteran status, or any other characteristic protected by law. Electronic Arts also makes workplace accommodations for qualified individuals with disabilities as required by applicable law.
Date Opened: 2021-05-26 18:50:51.887
EEO Employer Verbiage:
We exist to inspire the world to play. Through innovative technology and immersive storytelling, we deliver new ways of experiencing worlds of interactive entertainment for our millions of players worldwide. Our strength lies in the diversity of our people, combining creativity, innovation and passion. We fully champion inclusive culture, and provide opportunities for growing, learning, and leading that allows for the most impactful and rewarding work of our teams’ careers.
We put our people first, and we make sure they’re taken care of both in and out of the office. As we reflect on our learnings and successes from remote work, we aim to provide dynamic, collaborative and flexible work environments for our teams. Our employees connect through our Employee Resource Groups, which are actively involved in driving business decisions every step of the way. But our support doesn’t end at the workplace—we also encourage a balanced lifestyle with paid time off and new parent leave, free video games, fitness reimbursement and more.
Our goal is to provide a safe, respectful and inspiring workplace for all of our employees. Through our diversity, equity, inclusion and social responsibility programs, we’re doing the work to give everyone the space to be their full selves while giving back to our community. We’re looking for problem-solvers, game-changers, innovators, dreamers, doers—people that are ready to move the needle and build on our success. As our industry accelerates, we aren’t just keeping up—we’re staying ahead of the game.
Electronic Arts is an equal opportunity employer. All employment decisions are made without regard to race, color, national origin, ancestry, sex, gender, gender identity or expression, sexual orientation, age, genetic information, religion, disability, medical condition, pregnancy, marital status, family status, veteran status, or any other characteristic protected by law. Electronic Arts also makes workplace accommodations for qualified individuals with disabilities as required by applicable law.