Senior Application Security Engineer
Remote - Canada
Fortis Games
Who we are
At Fortis Games we aspire to make great games that bring people together while redefining how game companies work. We believe in building a sense of belonging through our games, their communities, and how we operate and treat each other. Through our game communities, we will create powerful connections and lasting memories. We will foster a culture of diversity, equity and belonging where together our diverse skills, experiences and backgrounds impact the games we make.
We are an early but mighty organization with a leadership team of game industry veterans. There are many opportunities for you to have a big impact on the products we'll be making as well as the overall direction of the company. If you're passionate about tackling difficult problems with direct and thoughtful communication and team first mentality, we may be the right place for you.
About the role
Fortis Games is hiring a Senior Applications Security Engineer to manage all aspects of the company’s application cybersecurity needs.
What you will do
- Own the Application Security technology stack and associated processes and procedures.
- Help maintain our build & deployment processes.
- Provide architectural guidance and leadership on best practices regarding security in software development, shared services, user interface design frameworks, high performance solutions, server-side development, integrations, tools and technologies.
- Implement, tune, and help game teams understand the output from static and dynamic analysis tools.
- Collaborate with engineers, consultants and leadership to address security risks and provide mitigation recommendations within the Secure Software Development Lifecycle (SSDLC).
- Perform validation of security controls to ensure consistency with compliance and industry standard methodologies.
- Ability to understand business requirements and apply security without adversely affecting the desired functionality.
- Track project progress through project management software such as ClicklUp JIRA, Confluence and Google suite.
- Build relationships with cross functional teams to execute projects on time and with high quality.
- Perform audits and assessments to identify risk and create a remediation plan.
- Build reports and communicate security posture to all levels of the organization.
- Manage multiple projects concurrently and maintain project & technology-level documentation.
What you’ll need to be successful
- Prior experience working on an Application Security team (experience at a mobile gaming organization a plus)
- Expert knowledge with architecting and implementing security solutions into Secure Software Development Lifecycle (SSDLC) and CI/CD pipelines
- Building and architecting build & deploy processes, infrastructure-as-code (IaC), and CI/CD pipelines
- Experience with multiple languages such as C#, Typescript, Javascript, etc.
- Analyzing critical parts of the codebase with the ability to define and review high risk code for vulnerabilities
- Experience implementing, tuning and helping software teams understand the output from SCA, SAST, DAST tools
- Define security test strategies for complex systems, identifying security vulnerabilities
- Experience with international security and privacy requirements such as GDPR
- Knowledge of automated attack tools and developing mitigation techniques
- Detect and remedy related security issues such as OWASP top 10
- Firm understanding of enterprise class application architectures that are highly scalable and reliable and the expertise to secure them
Why join us
There are many reasons to join us, but here are a few:
- We strongly believe we are changing how games studios operate and at the core of what we do is making great games that create a connected community
- We're not just about making Games Where You Belong. We're also about building communities where our people belong. That's why Fortis is a thriving environment that celebrates diversity, embraces inclusivity, and fosters growth.
- Build and grow with a seasoned team of accomplished talent who have left an impactful mark in their disciplines, both in and out of gaming
Fortis is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, protected veteran status, or any other basis protected by applicable law, and will not be discriminated against on the basis of disability.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Audits C CI/CD Compliance Confluence DAST GDPR JavaScript Jira OWASP Privacy SAST SDLC TypeScript Vulnerabilities
Perks/benefits: Career development Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open IT Security Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs