Senior Application Security Engineer
Cyrex, a Magic Media company, is a media and tech start-up powered by creativity and innovation. We work with leading developers and publishers in the games industry, providing support and solutions designed around individual needs and carried out by global experts.
We produce high-quality results by constantly staying at the forefront of modern technology and cutting-edge processes and practices. The best of our team are known for their strong initiative, not just in taking care of their day-to-day responsibilities but in helping identify ways to build, grow, and do more in their work.
We’re currently looking for a dynamic addition to the team to help work on exciting cybersecurity and development projects for the video games industry. The ideal candidate will work with cross-functional teams to develop critical products and services for our clients and offer excellent technical support to our teams. If you’re an enthusiastic, motivated, and lateral thinker, our team is waiting to meet you!
- Bootstrap proxy setup to support interception of custom network protocols and packet crafting
- Penetration testing for a broad range of applications (mobile, client, web, console)
- In-depth reporting of discovered vulnerabilities (PoC, resolution, technical and non-technical description of vulnerability)
- Risk assessment of discovered vulnerabilities (impact, probability)
- Collaborating with other team members during penetration testing (interaction is key during pair hacking)
- Actively seeking and working on feedback from clients and partners
- Performing security operations, communicating, and assisting from a remote location
- A technical or university level qualification, preferably in Computer Science. Equivalent combination of education and experience may be substituted.
- Excellent written and oral communication skills (especially in the English language)
- Experience in tools like Burpsuite, IDA, GDB, ApkTool, etc.
A strong knowledge of:
- Application security (mobile, client, web)
- Triage, vulnerability assessment, and responsible disclosure/reporting
- Penetration testing lifecycle (reconnaissance, penetration, reporting)
- Serialization mechanics used within network protocols
- Binary, hexadecimal, and ASCII notations
A working knowledge in:
- Cryptographic algorithms (encryption, hashing)
- API architectures and mechanisms
- Back-end architectures and common vendor libraries
- Obfuscation techniques
- Anti-cheat wrappers (BattlEye, EAC, etc.)
- Python development
- Linux, Unix, Windows systems
- An opportunity to hone and improve your skills by applying them to a diverse variety of gaming projects
- The chance to work closely with a team of like-minded creative professionals in a fast-paced, multicultural environment on a variety of gaming projects
- A competitive salary
- Ongoing training and professional self-improvement opportunities