Skip To Main Content
epam-logo-black.svgepam-logo-black.svg
backBack to Search

Middle Application Security Engineer for Video Game Company

Remote in Kazakhstan, Georgia
Security.Engineering, Code Review
warning.png
Sorry, this position is no longer available
Kazakhstan

Currently, we are looking for a remote Middle Application Security Engineer with 2+ years of experience in Information Security principles, technology, and control processes to join our team.

The customer is an American video game and software developer and publisher, developing commercially available game engines which also powers their internally developed video games.

Responsibilities
  • Application Security Assessments - Define and update an application security methodology and perform assessments across internal, external applications
  • Secure Coding - Keep Web development teams apprised of secure coding best practices, and assist with static/dynamic code analysis
  • Assist in the design, creation, testing, documentation, deployment and maintenance of new automation, capabilities and Security services for the InfoSec team ​
  • Stay abreast of internal Epic applications and their security posture
  • Blue Team Cross Training - Remains abreast of Application Security threats and defines and develops InfoSec training on web-based exploits/tools and corresponding mitigation techniques
Requirements
  • 2+ years experience of Information Security principles, technology, and control processes
  • 2+ years of development experience building systems in languages such as Python, C++, Golang/Rust
  • Experience in design review and threat modeling
  • Experience with providing security services as part of an SDLC
  • Experience with Secure Coding and AppSec frameworks (OWASP Guide, SANS CWE Top 25, CERT Secure Coding)
  • Experience working with and setting up services on AWS infrastructure
  • Understand and be able to apply concepts such as algorithms, data structures, OOO design, databases
  • The ability to work with a team, building complex solutions is a plus
  • Knowledge of how to work with CI/CD systems is also a plus
  • Knowledge of Docker and Terraform is also a plus
  • CEH and Offensive Security Certification (OSCP, GPEN, or GWAPT)
  • Excellent oral and written communication skills, including report writing and technical documentation
  • English level proficiency B1
Benefits
  • International projects with top brands
  • Work with global teams of highly skilled, diverse peers
  • Healthcare benefits
  • Employee financial programs
  • Paid time off and sick leave
  • Upskilling, reskilling and certification courses
  • Unlimited access to the LinkedIn Learning library and 22,000+ courses
  • Global career opportunities
  • Volunteer and community involvement opportunities
  • EPAM Employee Groups
  • Award-winning culture recognized by Glassdoor, Newsweek and LinkedIn

These jobs are for you