Electronic Arts

Attendance required to the Madrid or Vancouver office, 3 days a week.

EA SPORTS is one of the leading sports entertainment brands in the world, with top-selling video game franchises, award-winning interactive technology, fan programs, and cross-platform digital experiences. EA SPORTS creates connected experiences that ignite the emotion of sports through industry-leading sports video games, including Madden NFL football, FC, NHL® hockey, NBA LIVE basketball, and EA SPORTS UFC.

We are looking for an experienced Application Security Analyst who is passionate about video games and security to join our EA SPORTS Security team.

Position Overview

• Simulate real-world attack scenarios across client, server, API, and game-feature surfaces.
  
  

• Perform technical security assessments, penetration tests, and design reviews for new and existing game systems.
  
  

• Evaluate and respond to security threats that could impact game integrity, fairness, or virtual economies.
  
  

• Collaborate with game teams to design mitigations and build resilient features resistant to exploitation.
  
  

• Partner with security engineers, data scientists, and product managers to improve the overall security posture of EA SPORTS titles.
  
  

• Develop internal tooling, scripts, and automation to support application-layer testing, traffic manipulation, and security analysis.
  
  

Qualifications

• Knowledge of video games, online services, virtual economies, or common cheating/botting behaviors.
  
  

• Solid understanding of client-server integration (networking, networking logic, authentication flows, etc.).  Bonus if this is in a game context.
  
  

• Experience auditing and testing APIs, client–server interactions, and game or application features for abuse.
  
  

• Proficiency with tools such as Fiddler, Burp Suite, Postman, mitmproxy, or similar traffic-interception and testing frameworks.
  
  

• Ability to read and understand Java, plus familiarity with C#, C++, or .NET is a bonus.
  
  

• Strong scripting or software development skills (e.g., Python, JavaScript, Go) for automation and tooling.
  
  

• Ability to safely handle potentially malicious software, test in isolated environments, and validate exploit behavior.
  
  

• Data querying skills with experience in Presto or MySQL.
  
  

• Knowledge of cryptography fundamentals.

• Bonus: Experience with debuggers (WinDbg, x64dbg) or disassemblers (Ghidra, IDA) — not required, but helpful in a game-client environment.