Zynga is seeking talented Sr. Application Security Engineers to join the Application Security team. The ideal candidate will have strong communication skills and a fondness for breaking things, in depth knowledge of application security both web and mobile as well as have a love for looking in the dark corners no one else sees or thinks about.
- Perform code reviews and remediation on identified issues
- Perform application penetration and security functional testing
- Be a subject matter expert for secure coding, penetration testing and mobile patforms and applications
- Develop automation and processes to identify security flaws in code
- Participate in architectural and design discussions
- Track issues and run reports
- Ops/sys admin experience in an internet operations environment a plus
- Have experience with Flash and HTML5 components and interactions
- Have experience with web proxies, traffic manipulation, authentication bypass and bizarre edge cases.
- Have at least five years of experience in a Application Security related field (in example: Code reviews, Application Penetration testing)
- BA/BS in Computer Science or a related field, or equivalent experience
- Excellent knowledge in one or more: PHP, Java, Flash, HTML5, ObjC
- Good knowledge of various standard UNIX/Linux services (Apache, MySQL)
- Competency in PHP, ruby or Python for automation is required.
- Solid understanding of web services architecture and commonly employed technologies
- A sense of urgency and experience in responding to and resolving critical issues that relate to the performance of the site and/or core infrastructure
- Excellent verbal and written communication skills
- Participation in a shifted coverage schedule, including occasionally working nights and on-call rotations
Zynga - 12 months ago