Electronic Arts

Summary

We are looking for a senior security engineer to join our team. You will design, implement, and maintain security measures to protect EA's enterprise information systems and data. You will work with multiple teams to identify and mitigate security risks, ensuring compliance with industry standards and best practices.

You will report to the Director of the Enterprise Security Engineering Core & Admin team

Responsibilities:

• Work with EA's cloud security team to design and implement cloud infrastructure entitlement management (CIEM) across multiple Cloud Service Providers (CSPs) such as AWS, Azure, and Google Cloud.
• Assist with design and implementation of lifecycle management for non-human identities such as API keys, OAuth tokens, service accounts and secrets.
• Collaborate with partners and the application team to drive the remediation of secrets for apps with sensitive access.
• Assist in the investigation and resolution of security incidents and breaches.
• Perform application security reviews and threat modeling on mission-critical systems, & enterprise applications to find and address potential security risks.
• Stay up-to-date with the latest security trends, threats, and technologies, and recommend improvements to existing security measures.
• Address inquiries and guide users seeking help or guidance, ensuring prompt and accurate responses
• Conduct regular threat assessments in Active directory, & Entra ID and assist with the remediation.

Qualification:

• 6+ years of experience in the information security field.
• Experience implementing lifecycle management for non-human identities.
• Ability to eliminate obstacles and lead project success.
• Experience with security tools, policy, risk management, and best practices.
• Working knowledge of authentication standards such as FIDO2/WebAuthN, SAML, OIDC..
• Experience securing Windows Active Directory & Entra ID.
• Experience with Microsoft 365 security products and services such as Microsoft Defender for Identity, Microsoft Defender for Cloud Apps, Privileged Identity Management, Entra ID,
• Experience with cloud infrastructure entitlement management such as Microsoft Entra Permission management or any other tool.
• Experience creating and implementing access management frameworks using a least privilege access model.
• Excellent collaboration, with the ability to work with cross-functional teams.
• Experience with cloud security architectures and solutions
• Bloodhound, Hashicorp experience is nice to have.
• Relevant certifications such as CISSP, CISM, CCSP, or similar
• Knowledge of a scripting language, such as PowerShell, Python.