← Zurück zur Liste
Stelle

Application Security Engineer

Security Engineer • Vor Ort • Vollzeit • 📍 Leeds

Rockstar is looking for an Application Security Engineer passionate about diving into complex software designs to identify security flaws and vulnerabilities, partnering with development teams to embed security throughout the SDLC, in a full-time, in-office role in Leeds, England.

Responsibilities

  • Track trends in the security community and stay abreast of emerging threats
  • Provide technical security guidance to developers, team leads, and producers
  • Create and maintain threat models of applications and features to prioritize control development
  • Conduct automated and manual security assessments of applications and services
  • Drive remediation efforts for internally and publicly identified vulnerabilities
  • Support maintaining Rockstar Games' public and private bug bounty programs

Requirements

  • 3+ years of experience identifying and remediating security bugs/flaws in a professional, academic, or research environment
  • Strong knowledge of manual and automated application security assessment techniques for desktop and web applications
  • Good knowledge of common web security vulnerabilities (e.g. OWASP Top 10), attack techniques, and remediation strategies
  • Good understanding of common low-level vulnerabilities (e.g. use-after-free, buffer overflows) and mitigations
  • Good understanding of networking and web technologies (WebSockets, HTTPS, TCP/IP, UDP) and related security controls
  • Familiarity with Windows and Linux operating system fundamentals
  • Familiarity with the software development lifecycle (SDLC) and securing it
  • Practical experience with client network traffic testing tools (Burp Suite, Fiddler, Bruno)
  • Proficiency in C#
  • Excellent communication skills

Nice to have

  • BSc/MSc in computer science or related field
  • Background in reverse engineering and exploit research & development, with tools such as Ghidra, IDA, x64dbg, and WinDbg
  • Experience with scripting and process automation
  • Understanding of SDLC security practices balancing developer experience, sustainability, and release velocity
  • Experience with authentication protocols such as OAuth2 and OIDC
  • Experience in results-oriented, retail-driven environments with strict deadlines
  • Familiarity with bug bounty/responsible disclosure programs, as runner or researcher
  • Proficiency in C++ and JavaScript/TypeScript

Soft skills

Excellent communication skills

About the company

The Rockstar Games Application Security team partners with development teams across the company to embed security practices throughout the software development lifecycle, assessing application code and builds to identify vulnerabilities and design flaws.

Ähnliche Stellen