Application Security Manager

About the team 

The Security & Privacy team at Wildlife is responsible for securing our player information, protecting our online games and services against attacks and reducing overall risk exposure. We solve this problem by implementing industry best practices, automation and strong relationships with software developers, infrastructure engineers and the IT team.

The team seeks to be a highly visible, responsive and effective team which enables the company to deliver against its strategic aims, by reducing the risk of significant security incidents and data breaches. 

Wildlife’s Security & Privacy department is divided in 4 different teams:

• Application Security: They work with developers to set up security control measures during every stage of software development lifecycle. They also develop, implement and use tools and techniques to protect applications that have been deployed, by finding, preventing and/or correcting detected vulnerabilities.

• Cloud Security: The team responsible for defining and enforcing security policies over our Infrastructure and Cloud Services, operated by public cloud providers, including but not limited to software-as-a-service (SaaS), infrastructure-as-a-service (IaaS), and platform-as-a-service (PaaS).

• Corporate Security: Responsible for the implementation and operation of tools and processes to secure our workstations, end-user devices, office hardware, services and office networks. The team works closely with all company areas to deliver security solutions that allow our world-wide workforce to deliver value in a secure manner. 

• Red Team: Wildlife’s offensive security team. Mainly responsible for planning, driving and/or conducting penetration tests, using the same techniques and tools of hackers to evade detection and test the defense readiness of the internal security team. This includes testing for not just vulnerabilities within the technology, but of the people within the organization as well.

About the role 

Wildlife Studios is searching for an Application Security Manager, reporting to the Head of Security & Privacy. This person will be responsible to lead, grow and mentor our Application Security team, responsible for:

• Integrating security tools, standards, and processes into the software development life cycle 
• Ensuring that developers and engineers are trained with the appropriate level of security knowledge to perform their daily activities.
• Improving and supporting application security tool deployments including static and dynamic code analysis and runtime testing tools.
• Improving and maintaining secure development standards.
• Supporting the incident response and architecture review processes whenever application security expertise is needed.
• Defining and managing application framework and perimeter security improvement projects.
• Ensure 3rd party software and development meets Wildlife’s security standards
• Integrating threat modeling practices into the product life cycle.
• Providing security requirements for test driven design.
• Producing metrics reporting the state of application security programs and performance of development teams against requirements.

You will work together with developers and engineers to create amazing games and revolutionary mobile game monetization software that is secure for our customers. We integrate security early into the SDLC, leverage automation and help developers deliver value.

The security team works together with internal partners from the development and infrastructure areas in order to have a multiplying impact. All our workloads are deployed on the AWS cloud and Kubernetes clusters, our applications are cloud-native, focused on performance, scaling and security.

We'll need you to understand our applications, identify potential vulnerabilities, propose, design and implement solutions that will lower the overall risk. These solutions will often come as small programs we develop in-house, or implementations of third-party tools that require some glue code to work with our software build pipelines.

Since we are always looking for new tools and technologies that better solve our problems, we value professionals that like to learn new things, are autonomous and proactive to bring and implement their ideas.

More about you

Successful candidates will be security evangelists who can translate security concepts into language that is meaningful to many audiences, including business and technical leaders and individual contributors. Candidates must be able to approach application security from the perspective of risk management and avoid purely academic thinking about software security. Demonstrable ability to influence decision‐making processes at all levels of a large organization will be critical to success.

Candidates must have strong leadership skills and be effective managers of highly technical individuals. Candidates must have excellent verbal and written communication skills, including experience speaking in public forums and writing/contributing to technical publications.

Candidates should be familiar with agile development processes and have experience integrating secure development practices.

• Humans > Code. Strong relationships with our organization’s teams is key to a successful security program. We need professionals who can explain complex problems in simple terms and engage in valuable conversations with development teams every time they can.
• Long-term focus. Improving the security of our ecosystem requires us to build strong foundations and think about the long term impact of our actions.
• Automation is key to scaling. We look for people that have a history of proposing, designing and executing automation projects in order to get rid of any manual and repetitive tasks.
• Bleeding edge. You are curious and like to study new technologies, test new solutions and measure the impact brought by changes. We want to ensure we are using the best technology stack possible 

Wildlife is one of the leading mobile game developers and publishers in the world. We have released more than 60 titles, reaching billions of people around the globe. Today, we have offices in Brazil, Argentina, Ireland, and the United States. Here, we create games that will excite, intrigue, and engage our players for years to come!

Wildlife is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, colour, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state, and local law.

We're committed to providing accommodations for candidates with disabilities in our recruiting process. If you need any assistance, please let us know at recruitment@wildlifestudios.com.