isecjobs.com

Application Security Analyst II

Austin, Texas, United States

Applications have closed
Electronic Arts logo

Electronic Arts

We exist to inspire the world through Play. Electronic Arts is a leading publisher of games on Console, PC and Mobile.

View all jobs at Electronic Arts

Find more jobs like this Jobs in the United States

Application Security Analyst II - Remote

We are looking for an Application Security Analyst to help us actively defend EA’s products, data, and players. This remote-friendly role will report to the Senior Manager of the Verification and Pentest (VAP) team within the Secure Product Engineering and Anti-cheat Response (SPEAR) organization. You will work with a diverse set of timezones working most closely with a Europe-based counterpart.

Responsibilities

  • You will triage and investigate cases reported through our Coordinated Vulnerability Disclosure (CVD) program and partner with developers to guide remediations
  • You will use your application security knowledge to identify proactive monitoring opportunities to detect future abuse across our applications
  • You will investigate daily alerts, search logs for Indicators of Compromise (IoCs) and create or enhance detections
  • You will identify systemic vulnerability trends and patterns, and engage EA security teams to prevent these at scale
  • You will correctly rate the security impact of discovered vulnerabilities, articulate remediation steps to product teams, and report impact to leadership
  • You will deliver talks and presentations within EA, including internal conferences

Qualifications

  • At least three years hands-on experience of full stack Application Security reviews that span multiple platforms and programming languages
  • Experience discovering and remediating CWE Top 25 and OWASP Top 10 vulnerabilities
  • Experience querying logs and setting up detections through a log aggregation platform, such as Grafana
  • Experience handling coordinated vulnerability disclosure programs
  • Hands-on experience with security assessment tools and understanding of their applicability and limitations in different assessment scenarios
  • Knowledge in multiple of the following domains and expertise in at least one: Networking, OS Internals, Cloud Architecture, Web Frameworks, or Mobile Architecture
  • Knowledge of best practices and common pitfalls in one or more of: cryptography, authentication mechanisms, authorization controls and network configurations
  • Knowledge of multiple of the following exploitation techniques and expertise in at least one: XSS, SQLi, IDOR, MitM, DoS, BOF, or ROP
  • Excellent verbal and written English skills
  • Bachelor’s degree or Master’s Degree in Computer Science or Information Security, or equivalent industry experience
Find more jobs like this Jobs in the United States

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  7  6  0
Categories: Analyst Jobs AppSec Jobs

Tags: Application security Cloud Computer Science Cryptography Full stack Grafana Monitoring OWASP Security assessment SQL injection Vulnerabilities XSS

Perks/benefits: Conferences

Region: North America
Country: United States

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Information Systems Security Officer jobsSenior Cloud Security Engineer jobsInformation System Security Officer jobsSenior Cybersecurity Engineer jobsInformation Security Specialist jobsInformation Security Manager jobsSenior Network Security Engineer jobsSecurity Consultant jobsCyber Security Specialist jobsIT Security Engineer jobsSecurity Specialist jobsSenior Information Security Analyst jobsSenior Penetration Tester jobsIT Security Analyst jobsSenior Cyber Security Engineer jobsSystems Engineer jobsChief Information Security Officer jobsSystems Administrator jobsStaff Security Engineer jobsInformation System Security Officer (ISSO) jobsPrincipal Security Engineer jobsThreat Intelligence Analyst jobsSenior Product Security Engineer jobsCloud Security Architect jobsInformation Systems Security Engineer jobs
GDPR jobsEncryption jobsPowerShell jobsDevSecOps jobsEDR jobsSaaS jobsIDS jobsSplunk jobsSDLC jobsRMF jobsIPS jobsTop Secret jobsSQL jobsIntrusion detection jobsBash jobsThreat detection jobsActive Directory jobsCompTIA jobsDoDD 8570 jobsITIL jobsOWASP jobsDocker jobsBanking jobsCRISC jobsUNIX jobs
Finance jobsTCP/IP jobsClearance Required jobsGIAC jobsCISO jobsIndustrial jobsTerraform jobsHIPAA jobsIT infrastructure jobsSOC 2 jobsSANS jobsJavaScript jobsVPN jobsOSCP jobsCCSP jobsMITRE ATT&CK jobsSOAR jobsJira jobsDNS jobsSOX jobsData Analytics jobsPolygraph jobsNIST 800-53 jobsGCIH jobsSecurity strategy jobs