Offers “Amazon”

Expires soon Amazon

Application Security Engineer

  • San Francisco (City and County of San Francisco)
  • Infra / Networks / Telecom

Job description

DESCRIPTION

About Twitch:
Twitch is the world's leading video platform and community for gamers, with more than 100 million visitors per month. We connect gamers from around the world by allowing them to broadcast, watch, and chat with each other. Twitch's live and on-demand video platform forms the backbone of a distribution network for video game broadcasters including pro players, tournaments, leagues, developers and gaming media organizations. Twitch is leading a revolution in gaming culture, turning gameplay into an immersive video experience. Learn more at http://twitch.tv.

About the position:
Twitch is looking for a focused Application Security Engineer with a desire to play on the Blue Team. Maybe you're a pentester who is bored of always winning; maybe you're the local security advocate within your development organization. However you got to where you are, we want one thing from you - help make Twitch's products as safe as they can be for our partners and viewers.
In this role, you will be escorting Twitch's products and features from ideation to deployment. You will be providing consulting to product teams looking to try new things safely. You will be reviewing critical passages of code for adherence to standards and safe practices. Most importantly, you will be helping to build and automate the tools that do the above for you as a force multiplier. And yes, where warranted, there's some pentesting in it for you as well, if you're into that.
You'll find a Requirements section below. If you meet all these then we strongly encourage you to apply. If you meet some of them but think this role sounds like something you'd be great at, we strongly encourage you to apply. If you meet just one of them but think you bring something unique to the team, we strongly encourage you to apply.

Responsibilities
Collaborate with business units and perform threat modeling on new and existing products and features to help guide security activities, suggesting preferred implementation patterns and identifying areas of security risk for scrutiny.Review implementation code and perform Red Team activities on critical products and features; identify security flaws and suggest remediations.Build, automate, and operate security review capabilities for Twitch, such as static and dynamic code analysis across multiple technology stacks and languages.Handle external reports of security vulnerabilities, guiding remediation and making decisions on bug bounties.Encourage a security culture to the business units; train and instill core security values in engineers including exercising risk-based judgments, emphasizing trust and safety in product designs, and prioritizing security remediation work.Participate in the development of security standards, preferred implementation patterns, secure common frameworks, and developer documentation and education materials.

Desired profile

BASIC QUALIFICATIONS

Requirements:
BS degree in Computer Science, Computer Engineering, Electrical Engineering, or equivalent technology experience.
3 years of demonstrated application security experience
Strong demonstrated knowledge of web protocols and an in-depth knowledge of Linux/Unix tools and architecture.
Demonstrated software development proficiency (Go, Ruby, Python, Java, C#, Obj-C/Swift)
Comprehension of algorithms and processes for programmatic automation via scripting or programming languages (Python, Ruby, shell, perl, etc.).
Well-rounded background in host, network and application security
Ability to prioritize multiple tasks and projects in a dynamic environment.
Effective written and oral communication with multiple levels of leadership involving both business and technical sides of the business

Make every future a success.
  • Job directory
  • Business directory