Offensive Security Engineer - 211484 - Electronic Arts

通用信息

地点：Austin, Texas, United States of America

地点: Austin
州:
国家/地区: United States of America

地点: Redwood City
州:
国家/地区: United States of America

地点: Kirkland
州:
国家/地区: United States of America

地点: Orlando
州:
国家/地区: United States of America

角色 ID

211484

工作人员类型

Regular Employee

工作室/部门

CT - Security

弹性工作安排

Hybrid

描述和要求

Electronic Arts 打造更高层次的娱乐体验，激励世界各地的玩家和粉丝。在这里，每个人都是故事的主角。活跃社群，畅联全球。这里充满创造力，鼓励新观点，注重好创意。这是一支人人都能让游戏成为现实的团队。

Offensive Security Engineer – Enterprise Red Team

EA Security

The EA Security team protects EA by reducing our exposure to security risks by raising awareness and providing a measured, proportionate set of security and risk management controls, services and solutions.

EA is looking for a security engineer to join EA's Enterprise Red Team. You will help us identify threat vectors before they can be exploited in our systems, services, cloud infrastructure or applications. We're a team that can find the worst of the worst, knows what's most likely to be attractive to attackers, and we're motivated to make things better.

You will report to the Enterprise Red Team Director to work on an offensive security-driven application security program that scales enterprise-wide with a focus on automation, exploitation and best-practices.

What You'll Do

Be part of the offense! Find and exploit security vulnerabilities for defensive purposes to help identify risks and lead mitigations
Perform architecture and threat model reviews to identify security vulnerabilities with a focus on AI applications, agents, and infrastructure
Build automation to scale penetration testing and to test threat detection and response capabilities
Develop, pilot and operate flexible and creative security testing automation
Collaborate with engineers across EA to identify automation gaps and rapid prototyping of new ideas and mitigations
Support traditional red team assessments, adversarial emulation campaigns and penetration tests of EA's systems to discover and document high risk vulnerabilities
Support incident response activities as required

What You'll Need

4+ years' experience in penetration testing and/or red team operations
2+ years programming experience in at least one of the following: Golang, Python, Java, C#, C/C++
Working knowledge of DevSecOps and CI/CD pipelines and related tooling (Gitlab, Github, Jenkins,…)
Application Analysis (fuzzing, static analysis, app scanning)
Familiarity with reviewing source code for security vulnerabilities and related tooling (Code QL, semgrep,…)
Basic understanding of machine learning its attack surface
Advanced knowledge in application security, network security, authentication protocols
Proficiency in one or more operating systems: Linux, Windows, macOS
Experience with tooling such as Metasploit, Bloodhound, Burp, PromptFoo, ZAP, Sliver,…
Web and Database Penetration Testing Experience

Electronic Arts

我们拥有全面的游戏组合和丰富的体验，在世界各地设有分支机构，而且在整个 EA 提供大量机会。我们非常重视适应能力、韧性、创造力和好奇心。我们提供领导岗位让您发挥潜力，为学习和尝试提供空间，赋能您出色地完成工作并寻求成长的机会。

我们对福利计划采用整体方法，强调身体、情感、财务、职业和社区健康，以支持平衡的生活。我们的套餐专为满足当地需求而量身定做，可能包括医疗保险、心理健康支持、退休储蓄、带薪休假、家事休假、免费游戏等。我们营造和谐的环境，让各个团队始终都能尽展所能。

Electronic Arts 是一个注重机会平等的雇主。在聘用员工时不会考虑其种族、肤色、国籍、血统、生理性别、社会性别、性别认同或表达、性取向、年龄、遗传信息、宗教、身心障碍、医疗状况、怀孕状况、婚姻状况、家庭状况或兵役状况，或任何受法律保护的其他特征。我们也会遵守相关法律，考虑招聘有过犯罪记录的合格应聘者。EA 还会根据适用法律的要求，为合资格的残障人士提供工作场所的便利。