Offensive Security & Vulnerability Analyst

Who we are:

Take-Two Interactive Software, Inc. is a leading developer, publisher, and marketer of interactive entertainment for consumers around the globe. For more than 25 years, our development teams have created some of the most critically acclaimed and commercially successful entertainment experiences, captivating, and engaging audiences around the world. We are incredibly proud of our ability to consistently deliver the highest-quality titles, as well as our colleagues who help to create our unique culture and work environment that is inclusive, diverse, and dynamic.

While our offices are casual and inviting, we are deeply committed to our core tenets of creativity, innovation and efficiency, and individual and team development opportunities. Our industry and business are continually evolving and fast-paced, providing numerous opportunities to learn and hone your skills. We work hard, but we also like to have fun, and believe that we provide a great place to come to work each day to pursue your passions.

About the position:

Offensive Security & Vulnerability analysis requires you to think like an adversary. Identifying activity to better protect Take-Two’s enterprise and product security. Adapting your perspective to approach analysis like an advanced persistent threat. Creativity is key. For example, work with our Offensive Security & Security Engineering teams to develop attack plans and stealthily execute them. Identify and potentially compromise sensitive information on Take-Two assets such as confidential files, private repositories or build and distribute malware to Take-Two team members to demonstrate how the corporate enterprise could be compromised. Be able to document and summarize the activity and collaborate with our Vulnerability analysis team to identify the most efficient and effective methods to address the findings.

What you'll take on:

• Collaborate with Security Engineering, IT Infrastructure, & associated stakeholders to remediate identified vulnerabilities and drive down enterprise security risk
• Develop processes to identify misconfigurations in enterprise systems, display capability to exploit identified gaps, and work with corresponding teams to track and resolve outstanding findings
• Utilize threat modeling concepts and frameworks such as MITRE ATT&CK, and OWASP to create defenses for Take-Two assets by executing attacks that emulate a range of adversaries
• Performing security assessments using associated tool sets (code review, fuzzing, blackbox testing).
• Design & execute attacks to challenge the Security Operations and test Security Controls
• Strive to identify weaknesses within Take-Two products and corporate networks and demonstrate the associated risks
• Understand CND technologies to bypass security controls and remain undetected in offensive endeavors
• Report on Red Team engagements providing in-depth analysis of the security issues identified, and best methods to address findings
• Exposure to C2 frameworks such as Cobalt Strike, Metasploit, PoSHC2 and Covenant and capability to modify or create tooling to overcome technical challenges
• Advocate for and enhance our SDLC process, understanding standard operating procedure
• Formalize and document cloud security management & remediation processes
• Understanding and identifying the Infrastructure Risk Assessment and Vulnerability process
• Validate application inventory to manage obsolete software

What you bring:

• Have a heart for service and a tempered ego
• BA/BS in computer science or related field
• 2-4 years in an Information Security Engineering, Pen-testing, or Vulnerability remediation related environment
• Knowledge of and interaction with system compromise techniques, industry threat intel sources and ability to apply concepts to software systems
• Knowledge of AWS and other cloud environments
• Understanding & experience with all OS such as Windows / Server, Linux (CentOS, RedHat, Ubuntu), & macOS
• Understanding of web services architecture and technologies

Bonus Skills

• Experience with programming languages (e.g., Python, C, C++, C#, PowerShell, or VBScript)
• Experience in a results-oriented, retail media driven environment with strict deadlines and ship dates

What We Offer You:

Great Company Culture. We pride ourselves as being one of the most creative and innovative places to work, creativity, innovation, efficiency, diversity and philanthropy are among the core tenets of our organization and are integral drivers of our continued success.  

Growth: As a global entertainment company, we pride ourselves on creating environments where employees are encouraged to be themselves, inquisitive, collaborative and to grow within and around the company.

Work Hard, Play Hard. Our employees’ bond, blow-off steam, and flex some creative muscles – through corporate boot camp classes, our onsite Gym, company parties, our Office bar, game release events, monthly socials, and team challenges.

Benefits. Benefits include, but are not limited to Private healthcare, Private dental, A double matching pension policy where the employer will double match up to a 4% contribution from the employee, Employee stock purchase scheme with a 15% discount, Eye tests and vouchers towards glasses, Cycle to work scheme, Flu vouchers, Annual health, 4X death in service insurance, Income protection (60% salary), 26 days holiday, Enhanced Family friendly policies + other great perks and great office facilities!

Perks. Fitness reimbursement up to £50 per month, an onsite Gym, an Office bar, employee discount programs, free games & events, stocked pantries, a dog friendly workplace and the ability to earn £350+ per year for taking care of yourself and more!

Take-Two Interactive Software, Inc. (“T2”) is proud to be an equal opportunity employer, which means we are committed to creating and celebrating diverse thoughts, cultures, and backgrounds throughout our organization.  Employment at T2 is based on substantive ability, objective qualifications, and work ethic – not an individual’s race, creed, color, religion, sex or gender, gender identity or expression, sexual orientation, national origin or ancestry, alienage or citizenship status, physical or mental disability, pregnancy, age, genetic information, veteran status, marital status, status as a victim of domestic violence or sex offenses, reproductive health decision, or any other characteristics protected by applicable law.

#LI-Hybrid