Application Security Specialist

The Xsolla Team is looking for a passionate Application Security Specialist to work remotely in one of these countries: Serbia, Montenegro, Indonesia, Thailand, and Cyprus.  We need a professional who knows and likes to solve the company's information issues.

RESPONSIBILITIES

• Seek and investigate vulnerabilities in the company's products
• Collaborate with product development, information technology, and management
• Participate in security assessments of service architecture
• Develop and conduct training events for developers
• Participate in the management of the Bug Bounty program
• Assist developers in vulnerability mitigation according to agreed SLAs
• Maintain, develop and automate SDLC practices
• Assist in implementing security code review process
• Participate in the selection and implementation of new information security systems
• Participate in information security incident investigations

REQUIREMENTS

• At least 3 years of relevant experience
• Familiar with web application attacks, how to exploit them, and defense techniques
• Experienced in doing penetration testing in PHP and Javascript
• Understand the difference between threat and risk, and are familiar with vulnerability assessment
• Understand the principles of networking and how web applications work
• Are familiar with BurpSuite/OWASP ZAP etc
• Familiar with the languages and frameworks for developing modern web applications 
• Familiar with manual and automated application security analysis tools
• Familiar with SDLC
• Verbal communication in English is easy

BENEFITS:Convenient work tools:Latest Mac workplaces + additional hardware to make you more effective at workGoogle Chat, Gmail, Google Drive, Confluence, Jira, GitLabProfessional growth:Free training and participation in specialized conferencesRich knowledge exchange within the company ABOUT XSOLLA:
Xsolla is a global video game commerce company with a robust and powerful set of tools and services designed specifically for the video game industry. Since its founding in 2005, Xsolla has helped thousands of game developers and publishers of all sizes fund, market, launch and monetize their games globally and across multiple platforms. As an innovative leader in game commerce, Xsolla’s mission is to solve the inherent complexities of global distribution, marketing, and monetization to help our partners reach more geographies, generate more revenue and create relationships with gamers worldwide. Headquartered and incorporated in Los Angeles, California, with offices in Berlin, Seoul, Beijing, Kuala Lumpur, and cities around the world, Xsolla supports major gaming titles like Valve, Twitch, Roblox, Ubisoft, Epic Games, KRAFTON, Nexters, NetEase, Playstudios, Playrix, miHoYo, Pearl Abyss, NCSoft, and more.  
For additional information and to learn more, please visit:  xsolla.com 
PHYSICAL DEMANDS:
The physical demands for this position are sits, stands, bends, lifts, and moves intermittently during working hours. These physical requirements may be accomplished with or without reasonable accommodations. The duties of this position may change from time to time so the individual and organization can achieve their results. This job description is intended to describe the general level of work being performed. It is not intended to be all-inclusive. Xsolla takes your privacy very seriously, and will not sell or externally distribute any data received during the hiring process. For more information related to GDPR or CCPA please reach out to careers@xsolla.com. 
 Xsolla is an equal opportunity employer and does not discriminate based on the following: race, color, ancestry, national origin, religion, creed, age, disability, mental and physical, sex, gender (including pregnancy, childbirth, breastfeeding or related medical conditions), sexual orientation, gender identity, gender expression, medical condition, genetic information, marital status, military and veteran status, and any other terms deemed by the State of California.
Xsolla takes your privacy very seriously, and will not sell or externally distribute any data received during the hiring process. For more information related to GDPR or CCPA please reach out to careers@xsolla.com.
Longevity, Opportunity, Vision, and Enjoy the game!