Application Security Engineer (Cybersecurity)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Application Security Engineer (Cybersecurity): Integrating security practices throughout the software development lifecycle with an accent on vulnerability remediation and secure pipeline architecture. Focus on implementing SAST/SCA tools, fine-tuning detection rules, and establishing security controls within Kubernetes and CI/CD environments.
Location: In-office position based out of Rockstar’s NYC headquarters in Downtown Manhattan
Salary: $121,400 — $166,700 USD
Company
A world-class entertainment creator known for large-scale, high-impact creative projects in the gaming industry.
What you will do
- Architect and support secure SDLC operations embedded in software development pipelines.
- Provide technical security guidance to developers, team leads, and producers.
- Drive remediation efforts for internally and publicly identified vulnerabilities.
- Assess application code and builds using static, dynamic, and software composition analysis.
- Define secure development standards and guidelines to safeguard business and players.
Requirements
- 5+ years of professional experience identifying and remediating security bugs/flaws.
- Knowledge of OWASP Top 10, client-side security landscape, and attack techniques.
- Experience tuning SAST, SCA, and Secrets Detection tools, specifically CodeQL and Semgrep.
- Expertise in CI/CD platforms (TeamCity, GitHub Actions) and Kubernetes orchestration.
- Proficiency in C# and Python, with experience in both Windows and Linux OS.
- Must be based in or able to work onsite at the NYC headquarters.
Nice to have
- Experience building security agents using LangChain or LangGraph for automation.
- Familiarity with Infrastructure as Code (Terraform, Pulumi).
- Experience enforcing security guardrails with Policy as Code (OPA) engines.
- Understanding of C++ and associated compilers.
Culture & Benefits
- Inclusive, highly-motivated environment collaborating with top industry talent.
- Comprehensive medical, financial, and other corporate benefit plans.
- Total compensation may include bonuses and equity awards.
- Commitment to equal opportunity, dignity, and respect in the workplace.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →