Senior Software Engineer, Application Security
Security Irvine, California

We are looking for a talented and motivated Senior Software Engineer specializing in Application Security to join its ranks in Irvine, CA.

If this is you, you are a Software Engineer with a deep passion for security. This person should have experience with a variety of systems, languages, tools and architectures.

About Our Team

The Security Development (SecDev) organization owns all security-related software development efforts across Blizzard. We are a mix of hardcore software engineers, server developers and security-minded individuals who work together to ensure that our company and players are safe from Evil.

We work with all games and software platforms produced by Blizzard, so we get exposed to a mind-boggling array of technologies – not only security technologies, but graphic engines, machine learning systems, web servers, databases etc. It’s an incredible place for passionate software developers to get acquainted with all aspects of developing world class videogames.

You will be part of SecDev’s Application Security team. You will embed yourself in one or more of Blizzard’s teams to help them build secure software. Not only you will help find and fix existing vulnerabilities, but also actively participate on preventing new vulnerabilities from being introduced. You will also have the opportunity to work with elite software engineers to solve specific hard security problems, “tiger team” style.

Responsibilities

  • Perform security reviews and provide insights throughout all phases of software development with our partner teams.
  • Develop and enhance new and existing security-focused tools, systems and services.
  • Evaluate the impact to the organization of current security advisories, publications, and trends.
  • Develop new security solutions/tools to prevent security vulnerabilities and assist in addressing existing security problems.
  • Help detect, highlight, and close security vulnerabilities that surface during the software development lifecycle.

Requirements

  • Bachelor’s Degree in Computer Science or equivalent experience.
  • A minimum of 5 years experience in secure Web Application development.
  • Expert knowledge of security problems associated with modern web languages and frameworks, including but not limited to Javascript (front and backend), Java and C#.
  • Knowledge of penetration testing techniques, application security vulnerabilities, OWASP Top 10, SANS 25, CWE, and whitebox exploitation via Burpsuite/Fiddler or similar.
  • Excellent ability to discover and demonstrate flaws such as SQL injection, XSS, and CSRF.
  • Solid understanding of database (SQL, noSQL) security.
  • Knowledge of encryption theory and practice (e.g. TLS, HMAC, RSA, AES, PKI) .
  • Be able to adapt and be entrepreneurial and solve problems quickly, creatively, and collaboratively.

Pluses

  • Aptitude for doing threat modeling on complex systems.
  • Experience in Mobile software development and security.
  • Experience with application security testing tools (static and dynamic code analyzers, fuzzing tools).
  • Enjoys tasty beverages – we work hard and play hard.

Blizzard Entertainment is a global company committed to growing our employees along with the business. We offer generous benefits and perks with an eye on providing true work / life balance. We’ve worked hard to foster an intensely collaborative and creative environment, a diverse and inclusive employee culture, and training and opportunity for professional growth. Our people are everything. Our core values are real, and our mission has never changed. We are dedicated to creating the most epic entertainment experiences…ever. Join us!

Blizzard Entertainment es una compañía de Igualdad de Oportunidades de Empleo. Todos los postulantes calificados serán considerados sin importar raza, color, religión, sexo, orientación sexual, identidad de género, expresión del género, origen nacional, estado de veterano protegido o cualquier otro tipo protegido por la ley, y tampoco serán discriminados en base a discapacidades.

Pedidos de adaptaciones de acceso: Estamos comprometidos a trabajar y brindar asistencia a las personas con discapacidades físicas o mentales. Si requiere un ajuste o adaptación para postularse a un puesto vacante, envíe un correo electrónico con su solicitud a talentacquisition@blizzard.com. No se aceptarán ni procesarán preguntas de empleo generales por este medio. Gracias por su interés.

Nota para los reclutadores y las agencias de colocación: no aceptamos currículums de agencias que no hayan sido solicitados. Por lo tanto, no deben enviar currículums de agencias a nuestro sitio web ni a ninguno de nuestros empleados sin una solicitud previa de nuestra parte. No pagaremos honorarios a ninguna agencia de terceros, reclutador externo o firma sin un contrato de acuerdo mutuo y no nos haremos responsables por cargos de agencias asociados a currículums que no hayan sido solicitados. Todos los currículums recibidos sin un pedido previo se considerarán de nuestra propiedad y se procesarán como tales.