Application Security Analyst

Requisition Number: 185745

Position Title: Security Analyst

External Description:

We are looking for an Application Security Analyst to help us actively defend EA’s products, data, and players. This remote-friendly role will report to the Senior Manager of the Verification and Pentest (VAP) team within the Secure Product Engineering and Anti-cheat Response (SPEAR) organization. You will work with a diverse set of timezones working most closely with an North American-based counterpart.

 

Responsibilities

• You will triage and investigate cases reported through our Coordinated Vulnerability Disclosure (CVD) program and partner with developers to guide remediations
• You will use your application security knowledge to identify proactive monitoring opportunities to detect future abuse across our applications
• You will investigate daily alerts, search logs for Indicators of Compromise (IoCs) and create or enhance detections
• You will identify systemic vulnerability trends and patterns, and engage EA security teams to prevent these at scale
• You will correctly rate the security impact of discovered vulnerabilities, articulate remediation steps to product teams, and report impact to leadership
• You will deliver talks and presentations within EA, including internal conferences

 

Qualifications

• At least three years hands-on experience of full stack Application Security reviews that span multiple platforms and programming languages
• Experience discovering and remediating CWE Top 25 and OWASP Top 10 vulnerabilities
• Experience querying logs and setting up detections through a log aggregation platform, such as Grafana
• Experience handling coordinated vulnerability disclosure programs
• Hands-on experience with security assessment tools and understanding of their applicability and limitations in different assessment scenarios
• Knowledge in multiple of the following domains and expertise in at least one: Networking, OS Internals, Cloud Architecture, Web Frameworks, or Mobile Architecture
• Knowledge of best practices and common pitfalls in one or more of: cryptography, authentication mechanisms, authorization controls and network configurations
• Knowledge of multiple of the following exploitation techniques and expertise in at least one: XSS, SQLi, IDOR, MitM, DoS, BOF, or ROP
• Excellent verbal and written English skills
• Bachelor’s degree or Master’s Degree in Computer Science or Information Security, or equivalent industry experience

City:

State:

Community / Marketing Title: Application Security Analyst

Company Profile:

Nous sommes une équipe internationale de spécialistes de la création, de la narration, de la technologie, de la génération d’expériences, de l’innovation et bien plus encore. Nous pensons que nos équipes doivent être aussi diversifiées que nos communautés afin de créer des jeux et des expériences inoubliables. Chez Electronic Arts, la seule limite est votre imagination.

EEOText:

About Electronic Arts

We’re proud to have an extensive portfolio of games and experiences, locations around the world, and opportunities across EA. We value adaptability, resilience, creativity, and curiosity. From leadership that brings out your potential, to creating space for learning and experimenting, we empower you to do great work and pursue opportunities for growth.

We take a holistic approach with our benefits program, focusing on physical, emotional, financial, career, and community wellness to support a balanced life with paid time off and new parent leave, plus free games and so much more. We nurture environments where our teams can always bring their best to what they do.

Electronic Arts is an equal opportunity employer. All employment decisions are made without regard to race, color, national origin, ancestry, sex, gender, gender identity or expression, sexual orientation, age, genetic information, religion, disability, medical condition, pregnancy, marital status, family status, veteran status, or any other characteristic protected by law. We will also consider employment qualified applicants with criminal records in accordance with applicable law. EA also makes workplace accommodations for qualified individuals with disabilities as required by applicable law.

Days Open: 14

Can this position be remote?: 1

EEO Employer Verbiage:

À propos d'Electronic Arts

Toutes nos actions sont tendues vers le même objectif : transmettre l'envie de jouer. Au travers de nos jeux innovants, de nos services novateurs et de nos technologies de pointe, nous offrons des possibilités infinies à des millions de fans dans le monde entier.

 

Nous cherchons des personnes inclusives et collaboratives aux points de vue variés pour enrichir notre culture et nous stimuler. Grâce à notre programme d’avantages sociaux, nous adoptons une approche holistique centrée sur le bien-être physique, émotionnel, financier, professionnel et communautaire pour soutenir les membres de notre personnel à chaque chapitre de leur vie. Nous fournissons un ensemble complet d’avantages sociaux garantissant une vie équilibrée et offrant notamment des congés payés, des congés parentaux, des jeux gratuits et bien plus encore. Notre objectif est de fournir un environnement de travail sûr et bienveillant qui vous permet de vous épanouir sur le plan personnel comme sur le plan professionnel.

 

Electronic Arts souscrit au principe de l’égalité des chances. Nous prenons nos décisions en matière d’emploi sans distinction de race, de couleur, de pays d’origine, d’hérédité, de sexe, de genre, d’identité ou d’expression de genre, d’orientation sexuelle, d’âge, d’informations génétiques, de religion, de handicap, d’état de santé, de grossesse, de situation familiale, d’ancienneté ou de tout autre facteur protégé par la loi. Nous étudions également les candidatures des personnes qualifiées possédant un casier judiciaire, conformément à la loi en vigueur. Par ailleurs, EA aménage l’environnement de travail pour les personnes en situation de handicap, conformément à la loi en vigueur.