We're looking for talented and inspired individuals to be part of an elite group of application security researchers.

As an Application Security Researcher, you will take an active role in our development teams, helping manage Moon Active Secure Development lifecycle in products that serve millions of users. You will work with internal development teams to ensure Moon Active mobile games are designed, coded, and implemented securely.

Responsibilities

• Primarily responsible for working closely with the development teams to conduct design review, code review, and dynamic analysis.
• Identify, communicate, and drive the resolution of vulnerabilities.
• Research and advocate for new security solutions and technologies.
• Continue to drive security evaluation earlier in the cycles through iterative security testing
• Implement and Govern automated secure coding tools and processes (SAST, DAST) to review code as it is written, promoted through the development lifecycle, and into production
• Operate as an incident responder for triage pertaining to web-based vulnerabilities

Requirements

• Proven experience in high-level code auditing (3 years or relevant military service)
• Proven experience in AppSec research, including deep understanding of major AppSec attacks, vulnerabilities and mitigations including XSS, CSRF, SQL Injection, Deserialization, RCE, etc. (3 years or relevant military service)
• Familiarity with a wide range of high-level programming languages (Java, JS, Python, etc.) and Software Development Life Cycle (SDLC).
• Familiarity with cloud environments - AWS and GCP in particular
• Familiarity with a wide range of database types and architectures
• Optional: You found a high-severity vulnerability in a popular app
• Optional: familiar with mobile application platforms and APIs like Google Play, App Store