Product Security Engineer

Responsibilities:

Conduct Penetration testing on all Playtika's games and platform.
Lead in-depth security assessments, architecture reviews, threat modeling of the application stack, including applications built on cloud and emerging technologies.
Proactively research the company's architecture & technologies to find impactful vulnerabilities & misconfigurations
Review source code for potential security issues, recommend and implement fixes.
Develop security tools to check for vulnerabilities or broken/missing security controls.
Manage and triage findings from various sources like penetration tests, security tools/scanners and bug-bounty reports.
Document and disseminate security guidelines for common security issues, remediation guidance, and security baselines.
Work closely with architects and developers to provide security guidance and mentor them, as necessary.
Actively promote improving the security culture and education within the organization.
Lead the response and analysis of application-level security incidents.

Requirements:

3+ years of hands-on experience in application security (penetration testing), secure development, code review, SSDLC, Threat Modeling.
Deep understanding of web application security threats, exploits, prevention.
Ability to triage, reproduce, recommend remediations and implement fixes for vulnerabilities
Experience in penetration testing, vulnerability scanning, SAST, and DAST.
Passion for understanding and researching vulnerabilities and exploitation techniques
Keeps up with industry trends in security technology and threats
Experience in securing infrastructure in a public cloud (e.g. AWS, Azure, Google Cloud)
Ability to work in a self-directed environment that is highly collaborative and cross-functional
Experience in writing scripts and automated tools in at least one of the following languages - Python, Bash, Ruby and Go
Experience in managing a bug-bounty program - an advantage
Experience in performing red team assessments - an advantage