Junglee Games

Security Engineer II- PenTester

As our Security Engineer II- PenTester you will be working on the following.


Responsibilities:

  • Exploit security flaws and vulnerabilities with attack simulations on multiple application platforms like Web, iOS and Android
  • Ability to flow from black box to grey box to white box tests.
  • Ability to effectively work with the engineering teams to provide technical risk. Assessment of technologies in networks, applications, code reviews in the release management cycle.
  • Ability to perform vulnerability assessments and penetration testing, utilizing tools – commercial and open source.
  • Perform, review and analyze security vulnerability data to identify applicability and false-positives.
  • Conduct penetration testing in line with Open Web Application Security Project (OWASP)
  • Write technical reports that include suggested resolution for identified problem areas and perform operational risk assessment.

Requirements

  • Engineering degree in computer science or related field. Masters degree is a plus
  • 3-5 years Experience in Security Pen Testing methodologies including automated scans and manual methods
  • At least one automated testing suite such as Burp, Nexpose, ZAP.
  • Ability to grasp new technology concepts quickly
  • Understanding of the following:
  • Understanding of Web Servers and HTTP
  • In-depth understanding of OWASP top 10 vulnerabilities
  • Basic understanding of PHP, Javascript, Golang, Python
  • TCP/IP networking including IP classes, subnets, NAT
  • SSL Handshake and Certificates – Understanding
  • DNS, and DHCP, Network troubleshooting
  • Remote access methods
  • Should be aware of the latest Major Application Zero-day vulnerabilities
  • Should be able to understand security alerts and take necessary actions accordingly
  • Good documentation and communication skills
  • Ability to work in a team environment and interact with people

Good to Have Skills:

  • Knowledge & Experience in automated solutions to help incorporate Security in all stages of the DevOps pipeline (app and infra). This includes (but is not limited to) SAST, DAST and Container Scanning.
  • Experience with security issues in Cloud Technologies (AWS, GCP, Azure) is a plus
  • Work directly with internal infrastructure teams (DevOps) to align and execute infrastructure changes to support the tools, apps and processes
  • Experience with Docker and containerization technologies
  • Understanding of cryptography primitives
  • Hall of fame (Good to have)


About Junglee Games

Junglee Games is a leader in the skill-gaming space, with close to 96 million users. Founded in San Francisco in 2012, and part of the $30 Bn Flutter Entertainment Group, Junglee Games is the fastest-growing skill-gaming company in the world. Some of our notable games are Junglee Rummy, Howzat, Eatme.io, Carron Stars and Solitaire Gold.

Our mission is to build entertainment for millions of people around the world and connect people through high-quality games.

Since we were founded, we've drawn 650 of the world’s most talented people into our ranks. Our team has worked on international AAA titles like Transformers, Star Wars: The Old Republic, Real Steel, Rio, Mech Conquest, and Dueling Blades. Our designers have worked on some of Hollywood’s biggest hits including the movie Avatar.

Junglee is not just a gaming business - it is a blend of data science, innovation, cutting-edge technology and, most importantly, a values-driven culture that is creating the next set of conscious leaders. Junglee Games is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

You're applying!