Sr. Offensive Security Engineer
AppLovin's global technology platform provides developers a powerful, integrated set of solutions to grow their businesses. AppLovin enables developers to market, monetize, analyze and publish their apps. Its studios create popular, immersive content and its technology brings that content to users around the world. AppLovin is headquartered in Palo Alto, California with offices globally.
AppLovin is a Certified Great Place to Work, one of Inc.’s Best Workplaces and a recipient of the 2019 Glassdoor Top CEO employee’s choice award. The San Francisco Business Times and Silicon Valley Business Journal awarded AppLovin one of the Bay Area’s Best Places to Work in 2019, 2020 and 2021, and the Workplace Wellness Award in 2019 which recognizes businesses that are leaders in improving worker well-being.
AppLovin is seeking a Senior Offensive Security Engineer who is driven to work on some of the most challenging security problems (Cloud vulnerabilities, DDoS Attacks, Insider and outsider threats) . You will use your skills to secure products running on large and complex technology stacks. The ideal candidate will be a good communicator and team player, know how to explain complex issues with simple terms, focus on ethical hacking, network security, penetration testing, exploitation, code review, and developing tools (static/dynamic analyzers, fuzzers, etc.).
What you'll be doing:
- Perform deep architecture and security reviews on highly complex products to identify vulnerabilities.
- Map attack surfaces, assess threats, and prioritize issues across our stack
- Hack our internal and external infrastructure
- Adapt and quickly learn new technology stacks, programming languages, and frameworks
- Strong knowledge of on-prem and cloud infrastructure from an attacker perspective
- Meet with internal stakeholders to discover new systems before they are developed and deployed
- Review code efficiently and automate testing with simple scripts
- Read and write multiple programming languages. C/C++, PHP, Erlang, Lua, and Python are highly valued, but others will help too.
Your background and who you are:
- Bachelors degree
- Experience with code analyzers, such as Fortify or Veracode
- 3-5 years of applicable experience
- Knowledgeable regarding web application security topics such as OWASP Top 10, and authentication infrastructure (SAML, OAUTH)
- Demonstrated experience evaluating code for vulnerabilities and weaknesses
- Ability to write complex software in multiple languages
- Mobile application security (iOS and or/ Android)
- Experience performing black-box testing of web applications
AppLovin is an equal opportunity employer and considers qualified applicants without regard to race, gender, sexual orientation, gender identity or expression, genetic information, national origin, age, disability, medical condition, religion, marital status or veteran status, or any other basis protected by law.