Electronic Arts

Central Technology is a dynamic community of experts, innovators, and change-makers united by a single, shared vision: To revolutionize interactive entertainment and inspire creativity through transformative technology. Our industry-leading services and solutions are developed collaboratively with teams across EA to enhance creativity and improve outcomes for our partners and players.

Central Technology is a force multiplier, working at the intersection of creativity, technology, and play to power our enterprise. Our teams develop EA's proprietary game engine, drive cutting-edge research, manage innovative infrastructures, create safety and security, and transform data into inspiration. Together, we keep EA moving so it can do what it does best — build unforgettable experiences for people who love games.

The EA Security team makes sure that play is fair and protected, so it stays fun and exciting. We defend not only our players, but EA itself: our people's work, our games, our data, and our infrastructure. Powered by deep technical expertise, we use cutting-edge engineering, automation, and intelligence to tackle threats at global scale. Whether it's securing game services, combating fraud, or supporting fair play, we're at the frontline of protecting the future of interactive entertainment. Join us and help keep the world of play — and EA — secure.

The Senior AppSec Analyst will report to the Senior Manager of the Verification & Pentest team. This is a hybrid role, reporting to the EA office in Bucharest 3x per week.

Responsibilities

• You search and analyze logs for Indicators of Compromise, create detections, and contribute to incident response investigations.
• You lead and conduct application security investigations across EA products (web, mobile, console, and PC), including static/dynamic testing and architectural review to identify vulnerabilities and validate bad actor activity.
• You partner with product, studio, and security teams to remediate vulnerabilities, providing clear technical guidance.
• You identify systemic vulnerability trends and lead scalable improvements across EA's security ecosystem, including sharing insights through internal presentations and research reviews.
• You own security automation and SOAR workflows (primarily in Splunk), build integrations for diverse data sources, and lead AI-driven detection proof-of-concepts.

Requirements 

• You have 5+ years of hands-on application security assessment experience across multiple platforms or programming languages.
• You can identify and remediate common vulnerabilities (e.g., CWE Top 25, OWASP Top 10) using manual analysis and security tools.
• You are proficient in querying logs and building detections using platforms such as Splunk, Loki Grafana, or DataDog.
• You have experience developing security automation or SOAR workflows, including data-source integrations and prototype automation or AI-based detection logic.
• You bring expertise in at least one technical domain (e.g., cloud architecture, networking, web frameworks, mobile architecture) and associated exploitation techniques (e.g., injection, IDOR, misconfigurations).