Product Security Engineer at Junglee Games ensuring security is integrated into each stage of the software development lifecycle. Collaborate across teams and harden the security of products and platforms.
About the role
- Security Engineer leading internal penetration testing efforts to protect complex systems. Collaborating with SRE team to proactively hunt for weaknesses across applications, cloud infrastructure, and APIs.
Responsibilities
- Lead Internal Penetration Testing: Perform deep-dive manual and automated penetration tests on web applications, mobile apps, and microservices.
- Adversarial Emulation: Design and execute red-team scenarios to test the organization’s detection and response capabilities.
- Vulnerability Management & Exploitation: Beyond scanning, validate and exploit findings to demonstrate real-world risk and prioritize remediation for engineering teams.
- Secure Architecture Review: Conduct threat modeling and architectural "stress tests" to identify logic flaws in new features before a single line of code is deployed.
- Automated Offensive Tooling: Develop custom scripts and integrate offensive security tools (DAST, IAST) into the CI/CD pipeline to catch "low-hanging fruit" automatically.
- Remediation Advocacy: Partner with developers to provide "exploit-to-fix" guidance, ensuring they understand the how and why behind security patches.
- Incident Support: Act as a subject matter expert during security incidents to help analyze attack vectors and post-mortem findings.
Requirements
- 3+ years of specialized experience in Penetration Testing, Offensive Security, or Application Security.
- Expert-level proficiency with the "Hacker’s Toolkit": Burp Suite Professional, Metasploit, Nmap, SQLmap, and various proxy tools.
- Good Scripting Skills: Ability to write custom exploits or automation scripts in Python, Go, or Bash.
- Cloud & Container Expertise: Proven experience attacking/auditing Kubernetes environments, and containerized workloads.
- Deep Web Knowledge: Thorough understanding of OWASP Top 10, SANS Top 25, and common business logic vulnerabilities.
- CI/CD Familiarity: Experience with CI/CD pipelines and automation tools (e.g., Jenkins, GitLab CI).
Benefits
- The opportunity to work on cutting-edge technology and make a real impact on our organization's security posture.
- A collaborative and supportive work environment with a strong focus on learning and development.
- Hybrid working environment.
- Competitive compensation and benefits package.
- The chance to be part of a team that is passionate about security and innovation.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Senior Penetration Testing Analyst collaborating with DoD and other teams on cybersecurity solutions. Conducting penetration tests and assessments to enhance security across various environments.
Senior Cybersecurity Documentation Specialist managing Risk Management Framework initiatives for Leidos. Supporting cybersecurity documentation and compliance activities across departments with a focus on national security.
Security Engineer role at Contour Software focused on IT administration and security operations. Ensuring tools and systems are secure and aligned with best practices across the organization.
First Vice President driving Axos Bank's information security strategy and leading a high - performing team. Architecting solutions and leading technical initiatives within a fast - paced environment.
Mid to Senior Data Engineer joining CrowdStrike's Cloud Identity & Perimeter team. Focus on developing and maintaining complex data pipelines and security analytics at scale.
Cybersecurity Assessor evaluating enterprise systems for vulnerabilities and compliance. Engaging in assessments and reporting within a hybrid work structure based in Brooklyn Heights, NY.
Security Business Analyst engaging in requirements gathering, risk assessments, and stakeholder liaison. Supporting measurable security outcomes with comprehensive documentation in a hybrid work setup.
Senior Software Engineer developing engaging gamified learning experiences for cybersecurity awareness. Driving technical leadership and product ownership in a rapidly growing team.
Cyber Security Engineer providing cybersecurity support for SCADA, OT networks and industrial control systems at Vestas. Collaborating with cross - functional teams to ensure secure operations in offshore wind farms.