At Rockstar Games, we create world-class entertainment experiences.
A career at Rockstar Games is about being part of a team working on some of the most creatively rewarding and ambitious projects to be found in any entertainment medium. You would be welcomed to a dedicated and inclusive environment where you can learn and collaborate with some of the most talented people in the industry.
Rockstar is on the lookout for talented Application Security Engineer who possess a passion for diving into complex software designs to identify security flaws and vulnerabilities. This is a full-time permanent position based out of Rockstar’s unique game development studio in the heart of New York City.
WHAT WE DO
The Rockstar Games Application Security team partners with numerous development teams across the company to incorporate security practices throughout the software development lifecycle
We strive to understand the threat landscape affecting our development studios, the gaming industry, and the world at large to define secure development standards and guidelines to safeguard our business and protect our players
We independently assess our application code and builds through various techniques (static analysis, dynamic analysis, software composition analysis, etc.) to identify potential vulnerabilities and design flaws and work with development teams to remediate
Track trends in the security community and stay abreast of emerging threats
Provide technical security guidance to developers, team leads and producers
Engage development teams to identify security requirements for new products and features while ensuring other requirements don’t introduce an unintended security impact
Create threat models of new applications and features to systematically understand how they can be attacked in order to prioritize control development
Conduct automated and manual security assessments
Drive remediation efforts behind internally and publicly identified vulnerabilities
Manage Rockstar Games’ public and private bug bounty programs
BA/BS in a computer science or related field
Experience working in Agile development teams
1+ year(s) of experience working in a professional, academic or freelance environment (e.g. bug bounty) identifying and remediating security bugs/flaws
Experience in results-oriented, retail driven environment with strict deadlines and ship dates
Strong written and verbal communication skills
Extensive knowledge of common software security vulnerabilities (e.g., OWASP Top 10), attack techniques and remediation tactics/strategies
Working knowledge of the principles and techniques for both manual and automated application security assessments
Understanding of a variety of web technologies including: JSON, WebSockets, HTTP/2, DNS, RESTful APIs
Please note that these are desirable skills and are not required to apply for the position.
Experience with scripting and process automation
Experience working in or establishing secure CI/CD pipelines
Experience with penetration testing and offensive security tools and techniques
E.g., Burp Suite, Metasploit, Wireshark
Proficiency in C++/C#/.NET and PHP preferred
Industry certifications preferred (CISSP, GSEC, OSCP, CEH, etc.)
HOW TO APPLY
Please apply with a resume and cover-letter demonstrating how you meet the skills above. If we would like to move forward with your application, a Rockstar recruiter will reach out to you to explain next steps and guide you through the process.
Rockstar is proud to be an equal opportunity employer, and we are committed to hiring, promoting, and compensating employees based on their qualifications and demonstrated ability to perform job responsibilities.
If you’ve got the right skills for the job, we want to hear from you. We encourage applications from all suitable candidates regardless of age, disability, gender identity, sexual orientation, religion, belief, or race.