Zynga is seeking talented Sr. Application Security Engineers to join the Application Security team. The ideal candidate will have strong communication skills and a fondness for breaking things, in depth knowledge of application security both web and mobile as well as have a love for looking in the dark corners no one else sees or thinks about.
Responsibilities
Perform code reviews and remediation on identified issues
Perform application penetration and security functional testing
Be a subject matter expert for secure coding, penetration testing and mobile patforms and applications
Develop automation and processes to identify security flaws in code
Participate in architectural and design discussions
Track issues and run reports
Requirements
Ops/sys admin experience in an internet operations environment a plus
Have experience with Flash and HTML5 components and interactions
Have experience with web proxies, traffic manipulation, authentication bypass and bizarre edge cases.
Have at least five years of experience in a Application Security related field (in example: Code reviews, Application Penetration testing)
BA/BS in Computer Science or a related field, or equivalent experience
Excellent knowledge in one or more: PHP, Java, Flash, HTML5, ObjC
Good knowledge of various standard UNIX/Linux services (Apache, MySQL)
Competency in PHP, ruby or Python for automation is required.
Solid understanding of web services architecture and commonly employed technologies
A sense of urgency and experience in responding to and resolving critical issues that relate to the performance of the site and/or core infrastructure
Excellent verbal and written communication skills
Participation in a shifted coverage schedule, including occasionally working nights and on-call rotations
