Senior Application Security Engineer

Who we are At Fortis Games we aspire to make great games that bring people together while redefining how game companies work. We believe in building a sense of belonging through our games, their communities, and how we operate and treat each other. Through our game communities, we will create powerful connections and lasting memories. We will foster a culture of diversity, equity and belonging where together our diverse skills, experiences and backgrounds impact the games we make. We are an early but mighty organization with a leadership team of game industry veterans. There are many opportunities for you to have a big impact on the products we'll be making as well as the overall direction of the company. If you're passionate about tackling difficult problems with direct and thoughtful communication and team first mentality, we may be the right place for you.

About the role

Fortis Games is hiring a Senior Applications Security Engineer to manage all aspects of the company’s application cybersecurity needs.

What you'll achieve

• Work with Application Security technology stack (SAST, DAST etc.,) and associated processes and procedures to reduce code vulnerabilities
• Collaborate with engineers, consultants and leadership to address security risks and provide mitigation recommendations within the Secure Software Development Lifecycle (SSDLC).
• Perform validation of security controls to ensure consistency with compliance and industry standard methodologies (OWASP Top10)
• Track project progress through project management software such as ClicklUp, Notion and Google suite.
• Build relationships with cross functional teams to execute projects on time and with high quality.
• Perform audits and assessments to identify risk and create a remediation plan.
• Build reports and communicate security posture to all levels of the organization.

What you’ll need to be successful

• Prior experience working on an Application Security team (experience at a mobile gaming organization a plus)
• Very comfortable with code analysis, automation and scripting
• Expert knowledge with architecting and implementing security solutions into Secure Software Development Lifecycle (SSDLC) and CI/CD pipelines(github actions) in microservice environments involving Kubernetes
• Building and architecting build & deploy processes, infrastructure-as-code (IaC), and CI/CD pipelines
• Experience with multiple languages such as C#, Typescript, Javascript, etc.
• Analyzing critical parts of the codebase with the ability to define and review high risk code for vulnerabilities
• Experience implementing, tuning and helping software teams understand the output from SCA, SAST, DAST tools
• Define security test strategies for complex systems, identifying security vulnerabilities
• Experience with international security and privacy requirements such as GDPR
• Knowledge of automated attack tools and developing mitigation techniques
• Detect and remedy related security issues such as OWASP top 10
• Firm understanding of enterprise class application architectures that are highly scalable and reliable and the expertise to secure them

Why join us There are many reasons to join us, but here are a few:

• We strongly believe we are changing how games studios operate and at the core of what we do is making great games that create a connected community
• We're not just about making Games Where You Belong. We're also about building communities where our people belong. That's why Fortis is a thriving environment that celebrates diversity, embraces inclusivity, and fosters growth.
• Build and grow with a seasoned team of accomplished talent who have left an impactful mark in their disciplines, both in and out of gaming

Fortis is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, protected veteran status, or any other basis protected by applicable law, and will not be discriminated against on the basis of disability.

Originally posted on Himalayas