At a Glance
- Tasks: Identify security flaws in software designs and collaborate with talented teams.
- Company: Join Rockstar Games, a leader in world-class entertainment experiences.
- Benefits: Enjoy a competitive salary, inclusive culture, and opportunities for growth.
- Other info: Dynamic studio environment in Dundee with a focus on learning and collaboration.
- Why this job: Make a real impact on gaming security while working on exciting projects.
- Qualifications: 3+ years in application security with strong knowledge of vulnerabilities.
The predicted salary is between 36000 - 60000 £ per year.
At Rockstar Games, we create world-class entertainment experiences. Become part of a team working on some of the most rewarding, large-scale creative projects to be found in any entertainment medium - all within an inclusive, highly-motivated environment where you can learn and collaborate with some of the most talented people in the industry. Rockstar is on the lookout for a passionate Application Security Engineer who possesses a passion for diving into complex software designs to identify security flaws and vulnerabilities. This is a full-time, permanent and in-office position based in Rockstar’s unique game development studio in the heart of Dundee, Scotland.
WHAT WE DO
The Rockstar Games Application Security team partners with numerous development teams across the company to incorporate security practices throughout the software development lifecycle. We strive to understand the threat landscape affecting our development studios, the gaming industry, and the world at large to define secure development standards and guidelines to safeguard our business and protect our players. We independently assess our application code and builds through various techniques (static analysis, dynamic analysis, software composition analysis, etc.) to identify potential vulnerabilities and design flaws and work with development teams to remediate.
RESPONSIBILITIES
- Track trends in the security community and stay abreast of emerging threats.
- Provide technical security guidance to developers, team leads and producers.
- Create and maintain threat models of applications and features to systematically understand how they can be attacked to prioritize control development.
- Conduct automated and manual security assessments of applications and services.
- Drive remediation efforts behind internally and publicly identified vulnerabilities.
- Support maintaining Rockstar Games’ public and private bug bounty programs.
REQUIREMENTS
- 3+ years of experience working in a professional, academic or research environment identifying and remediating security bugs/flaws.
- Strong knowledge of the principles and techniques for both manual and automated application security assessments of desktop and web applications.
- Good knowledge of common web security vulnerabilities (e.g., OWASP Top 10), attack techniques and remediation tactics/strategies.
- Good understanding of common low-level vulnerabilities (e.g. use-after-free and buffer overflows) and common mitigations.
- Good understanding of networking and web technologies (e.g. WebSockets, HTTPS, TCP/IP, UDP) and security controls relevant to them.
- Familiarity with Windows and Linux operating systems fundamentals.
- Familiarity with the software development lifecycle (SDLC) and working knowledge of components to secure the SLDC.
- Practical experience with client network traffic testing tools and techniques e.g., Burp Suite, Fiddler and Bruno.
- Proficiency in C#.
- Excellent communication skills.
PLUSES
- BSc/MSc in a computer science or related field.
- Background in reverse engineering and exploit research & development and relevant tools such as Ghidra, IDA, x64dbg and WinDbg.
- Experience with scripting and process automation.
- An understanding of effective practices for securing the SDLC that considers developer experience, sustainability and complements release velocity.
- Experience with authentication protocols and extensions such as OAuth2 and OIDC.
- Experience in results-oriented, retail driven environment with strict deadlines and ship dates.
- Familiarity with bug bounty programs/responsible disclosure programs, either running one or as a researcher.
- Proficiency in C++ and JavaScript/TypeScript.
HOW TO APPLY
Please apply with a CV and cover letter demonstrating how you meet the skills above. If we would like to move forward with your application, a Rockstar recruiter will reach out to you to explain next steps and guide you through the process. Rockstar is committed to creating a work environment that promotes equal opportunity, dignity and respect. In line with this commitment, Rockstar will provide reasonable accommodations to qualified job applicants with disabilities during the recruitment process in order for such applicants to be considered for the position for which they are applying, as well as to qualified employees to enable them to perform the essential functions of their roles. If you need more information about Rockstar’s reasonable accommodation policies or process, or need to request an accommodation, please notify your recruiter during the interview process. If you’ve got the right skills for the job, we want to hear from you. We encourage applications from all suitable candidates regardless of age, disability, gender identity, sexual orientation, religion, belief, race, or any other protected category.
Application Security Engineer in Dundee employer: Rockstar
At Rockstar Games, we pride ourselves on being an exceptional employer, offering a vibrant and inclusive work culture that fosters creativity and collaboration. Located in the heart of Dundee, our game development studio provides employees with unique opportunities for professional growth while working on large-scale projects alongside some of the industry's most talented individuals. With a strong commitment to employee well-being and development, we ensure that our team members are equipped with the resources and support they need to thrive in their roles.
StudySmarter Expert Advice🤫
We think this is how you could land Application Security Engineer in Dundee
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, especially those at Rockstar or similar companies. Attend events, join online forums, and don’t be shy about sliding into DMs on LinkedIn. You never know who might have the inside scoop on job openings!
✨Tip Number 2
Show off your skills! Create a portfolio that highlights your experience with application security assessments. Include case studies of vulnerabilities you've identified and how you remediated them. This will give potential employers a clear view of what you can bring to the table.
✨Tip Number 3
Prepare for interviews by brushing up on common security vulnerabilities and attack techniques. Be ready to discuss your thought process when assessing applications. Practising mock interviews with friends can help you articulate your knowledge confidently.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, it shows you’re genuinely interested in joining Rockstar and being part of their amazing team.
We think you need these skills to ace Application Security Engineer in Dundee
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the Application Security Engineer role. Highlight your relevant experience and skills that match the job description, especially your knowledge of security vulnerabilities and assessment techniques.
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about application security and how your background makes you a great fit for Rockstar Games. Don’t forget to mention any specific projects or experiences that relate to the role.
Showcase Your Technical Skills:Be sure to include any technical skills that are relevant to the position, like your proficiency in C# or experience with tools like Burp Suite. This will help us see how you can contribute to our team right from the start.
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re serious about joining our team!
How to prepare for a job interview at Rockstar
✨Know Your Security Fundamentals
Make sure you brush up on the OWASP Top 10 and common vulnerabilities like buffer overflows. Being able to discuss these in detail will show your depth of knowledge and passion for application security.
✨Showcase Your Experience
Prepare specific examples from your past work where you've identified and remediated security flaws. Use the STAR method (Situation, Task, Action, Result) to structure your answers and make them impactful.
✨Familiarise Yourself with Tools
Get comfortable with tools like Burp Suite and Fiddler. If you can demonstrate practical experience with these during the interview, it’ll give you a significant edge over other candidates.
✨Communicate Clearly
Since good communication skills are essential, practice explaining complex security concepts in simple terms. This will not only help you connect with your interviewers but also showcase your ability to guide developers effectively.
