Application Security Lead

Position Overview

In partnership with cybersecurity leadership, the Principal Application Security Engineer will work with product teams, game studios, central technology teams, and cybersecurity to perform proactive and offensive security engineering assessments, identifying vulnerabilities in games, systems, applications, and network infrastructure. This role will serve in a lead capacity for application security initiatives, improving overall cybersecurity across our gaming products and services

Responsibilities

• Collaborate with cybersecurity leadership to engage Game Studios and Central Technology Teams in proactive security assessments, focusing on secure application security engineering and effective solutions.
• Lead application security initiatives to bolster product security efforts within our gaming products and services!
• Serve as an application security domain expert in security testing, offering mentorship to penetration testers in identifying and addressing vulnerabilities.
• Drive security engineering thought leadership within the product teams, encouraging a proactive approach to application security.
• Assess the efficiency of application security measures and provide recommendations for ongoing improvement.
• Evaluate the effectiveness of application security measures and provide recommendations for continuous improvement.
• Engaging in complex engineering discussions and demonstrating deep security expertise to ensure detailed application security assessments and threat analyses are conducted.
• Coordinate application security efforts to ensure compliance with third-party requirements while engaging with external researchers to address vulnerabilities in our products.

Desired Skills and Experience

• Bachelor's degree in a related field or equivalent work experience; advanced degree in science, engineering, or technology is preferred.
• Strong background in application security engineering, penetration testing, and vulnerability management.
• Proven experience in application development, security assessments, and penetration testing.
• Excellent leadership skills and strong interpersonal abilities.
• Gaming security experience is a plus!
• Ability to work independently and within a distributed team.
• Strong written and verbal communication skills, with great attention to detail.
• Ability to collaborate with teammates and customers to tackle ambiguous challenges.

What We Offer You

• Competitive salary, bonus plan and ESPP (Employee Stock Purchase Plan)
• 401K Company Match Contribution (US)
• RRSP/DPSP company match contribution (Canada)
• Health coverage, dental, disability, critical illness, EAP, and life insurance (Canada)
• Medical, dental, vision, EAP, life insurance, and disability benefits (US)
• Virtual mental health and neurodiversity support programs
• Global Fitness reimbursement program
• Global Wellbeing Program
• Financial wellness program with unlimited access to certified financial planners
• Discretionary Time Off policy for many employees
• Family planning support program
• Generous paid parental, pregnancy-related disability, caregiver, and compassionate leaves
• Zynga happy hours and frequent employee events
• Flexible working hours on many teams
• Culture of diversity and inclusion including employee resource groups
• Work with cool people and impact millions of daily players

We are an equal opportunity employer and we are committed to building a diverse and talented workforce. We do not discriminate on the basis of race, sex, religion, colour, national origin, gender, gender identity, sexual orientation, age, marital status, veteran status, medical condition, disability, or any other class or characteristic protected by applicable law. We welcome job-seekers, players, employees, and partners from all backgrounds to join us!

We will consider all qualified job-seekers with criminal histories in a manner consistent with applicable law.

We are committed to providing reasonable accommodations to qualified individuals with physical or mental disabilities in order to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us at AccommodationRequest@zynga.com to request an accommodation associated with your application for an open position.

This is a fully remote role that may be based anywhere in the United States. Below are the expected salary and wage ranges for applicants based in locations where the pay transparency law is in effect:

Colorado: $96,100 and $142,240 per year

California: $109,800 and $162,480 per year

New York State (inclusive of New York City): $123,500 and $182,780 per year

Washington: $96,100 and $142,240 per year

Base pay offered is based on market location, and may vary further depending on individualized factors for job candidates, such as job-related knowledge, skills, experience, and other objective business considerations. Subject to those same considerations, the total compensation package for this position may also include other elements, including a bonus and/or equity awards and eligibility to participate in our 401(K) plan, in addition to a full range of medical, dental, vision, and basic life insurance. Employees will also receive 16 paid holidays per calendar year, unlimited discretionary time off, and will receive up to 6.5 sick days per calendar year. Details of participation in these benefit plans will be provided if an employee receives an offer of employment. If hired, employee will be in an "at-will position" and the company reserves the right to modify base salary (as well as any other discretionary payment or compensation or benefit program) at any time, including for reasons related to individual performance, company or individual department/team performance, and market factors.

#LI-RK2

Zynga does not  engage in financial exchanges during the recruitment or onboarding process. We do not conduct job interviews over third-party messaging apps such as Telegram, WhatsApp or others. We will never ask you for your personal or financial information over unofficial chat channels. Our in-house recruitment team only contacts individuals via official company email addresses (i.e., via a zynga.com or naturalmotion.com email domain).

If you believe you have been the victim of a scam, you may wish to contact the authorities. In the United States, you may file a complaint with the FBI. More information is available here: https://www.ic3.gov.