Staff Security Engineer
Junglee Bengaluru
Flutter International
Flutter International is the home of some of the world’s most innovative entertainment brands. Here you can find a world of opportunities to take your career to the next level.As a Staff Security Engineer, you will be responsible for the security of our apps/services - Web, Mobile and API-based at Scale. Implementing and managing security controls at various points of the Secure Software Development Lifecycle, setting up seamless processes and guidelines.
The Goal is to build Seamless Security. We want you to redefine how developers view security, eliminating friction and improving Security natively.
You will work closely with other Security functions, DevOps, Architects and Developers and QA across our Engineering team to build highly reliable and secure products.
Responsibilities
Be a Security SME and mentor Engineering teams on Secure-by-Design patterns.
Prepare Secure by Design reference architectures for Developer adoption- Secure Architecture frameworks.Identify novel ways to scale Threat modeling across multiple applications. A prior experience of 5+ years of threat modeling products and prior work on building Secure Architecture is desirable.
Expertise in 2 or more of the following areas with prior experience of solving at scale
API Security
Web Application Security
Mobile Application Security
Lead and own the SSDLC and envision frictionless experience for Developers in the lifecycle.Own the SAST, DAST and other Security tools in the lifecycle. Work on findings evaluation, prioritization and fix/mitigate at scale.
Perform Secure Code reviews, provide Hands-on remediation Guidance across major languages. Minimum experience of 4+ years is desirable.
Implement Data Security standard and work with Engineering to work on Sensitive Data leakage.
Implement a robust way to Identify all third party applications (COTS-Commercial-Off-the-Shelf) used across the ecosystem. Work on providing proactive Security Best practice evaluation and enforcement for all such applications.
Working with the Cloud Security team to customize Web App Firewalls (WAF) rulesets, prior experience with WAF rule fine tuning is a plus. Ensure early Identification of intrusion & attacks and implement countermeasures.
Partner with SOC team for Security Incident Management and Remediation triage with Engineering products across the ecosystem.
Requirements
Overall 10+ years of relevant experience
Experience lead cross-functional impact projects in Security at Scale in prior roles.
Bachelor's degree in Computer Science or a related technical discipline, or equivalent practical experience.
Understanding of security frameworks and standards like OWASP & NIST, Solid understanding of security protocols, cryptography, authentication, authorization. Prior Experience in solving any of OWASP Top 10 at scale is highly desirable.
Good understanding of Linux and Windows OS, TCP/IP protocol stack and networking fundamentals, and security principles at all layers of the OSI stack
Experience with API security, network security, cryptography, PKI, certificate management,
Experience in CI/CD Tools Including Git, Jenkins, Ansible, or similar
Good Understanding of SSO, including OAUTH, SAML.
Knowledge and experience in web application security testing, vulnerability assessment, penetration testing, and generating reports using tools like Burp Suite, Paros, AppScan, Wireshark, Nmap, and Nessus.
Advanced Expertise in at least one language, Shell scripting/Python/Go/NodeJS
About Junglee Games
Junglee Games is a leader in the skill-gaming space, with over 100 million registered players. Founded in San Francisco in 2012 and part of the $30 Bn Flutter Entertainment Group, Junglee Games is the fastest-growing skill games company in Southeast Asia. Some of our notable games are Junglee Rummy, Howzat, Junglee Poker, and Carrom Stars.
Our mission is to build entertainment for millions of people around the world and help them connect with each other through high-quality games. We focus on creating exhilarating and immersive gaming experiences and also incorporate social features to promote interaction and competition among players. Our games are available on multiple platforms, including web browsers, and Android and iOS devices.
Since our inception, we have drawn 700+ of the world’s most talented people into our ranks. Our team has worked on international AAA titles like Transformers, Star Wars: The Old Republic, Real Steel, Rio, Mech Conquest, and Dueling Blades. Our designers have worked on some of Hollywood’s biggest hits, including the movie Avatar.
Junglee Games is not just a gaming business. It is a blend of data science, innovation, cutting-edge technology, and, most importantly, a value-driven culture that is creating the next set of conscious leaders. An equal-opportunity employer, Junglee Games has been certified as a Great Place to Work for four years in a row. We celebrate diversity and are committed to creating an inclusive environment for all our employees.
Junglee Games has received various accolades for its contribution to the online gaming space. The company continues to innovate and develop new games, expanding its presence in the global gaming market.
Website: https://www.jungleegames.com/
LinkedIn: https://www.link
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Android Ansible APIs Application security Burp Suite Certificate management CI/CD Cloud Computer Science Cryptography DAST DevOps Firewalls iOS Jenkins Linux Nessus Network security NIST Nmap Node.js OWASP Pentesting PKI Python SAML SAST Scripting SDLC SOC SSO TCP/IP Windows
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Operations Engineer jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information System Security Officer jobs
- Open Information Security Architect jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open CISA-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open PowerShell-related jobs