Senior Application Security Platform Engineer
Rockstar Games
Job details
At Rockstar Games, we create world-class entertainment experiences.
Become part of a team working on some of the most rewarding, large-scale creative projects to be found in any entertainment medium - all within an inclusive, highly-motivated environment where you can learn and collaborate with some of the most talented people in the industry.
Rockstar is on the lookout for a passionate Senior Security Platform Engineer who is skilled at diving into complex software designs to identify security flaws and vulnerabilities.
This is a full-time, in-office position based out of Rockstar’s NYC headquarters in Downtown Manhattan.
WHAT WE DO
- The Rockstar Games Application Security team partners with numerous development teams across the company to incorporate security practices throughout the software development lifecycle.
- We strive to understand the threat landscape affecting our development studios, the gaming industry, and the world at large to define secure development standards and guidelines to safeguard our business and protect our players.
- We independently assess our application code and builds through various techniques (static analysis, dynamic analysis, software composition analysis, etc.) to identify potential vulnerabilities and design flaws and work with development teams to remediate.
RESPONSIBILITIES
- Architect and support secure software development lifecycle operations embedded in software development pipelines.
- Provide technical security guidance to developers, team leads, and producers.
- Drive remediation efforts behind internally and publicly identified vulnerabilities.
REQUIREMENTS
- 5+ years of experience working in a professional, academic or research environment identifying and remediating security bugs/flaws, assisted by automated pipelines.
- Knowledge of common web security vulnerabilities (e.g., OWASP Top 10), client-side security landscape, attack techniques and remediation tactics/strategies.
- Experience implementing and tuning SAST, SCA, IaC and Secrets Detection tools effectively, especially fine-tuning static analysis detections with custom rule engines (CodeQL, Semgrep).
- Expertise deploying within CI/CD platforms (TeamCity or GitHub Actions) and container orchestration frameworks (e.g. Kubernetes), including establishing appropriate security controls in them
- Experience in establishing monitoring and observability techniques of build pipelines and their outputs.
- Experience with both Windows and Linux operating systems.
- Proficiency in C#, Python.
PLUSES
Please note that these are desirable skills and are not required to apply for the position.
- Hands-on experience building or deploying security agents using frameworks like LangChain or LangGraph to automate complex multi-step security tasks.
- Familiarity with using Infrastructure as Code languages (Terraform, Pulumi) to deploy secure architecture.
- Experience enforcing security guardrails with Policy as Code (e.g. OPA) engines to existing and new CI/CD workflows.
- Understanding of C++ and associated compilers.
- Experience in establishing CI/CD controls for cloud-native pipelines and runtime environments
HOW TO APPLY
Please apply with a resume and cover letter demonstrating how you meet the skills above. If we would like to move forward with your application, a Rockstar recruiter will reach out to you to explain next steps and guide you through the process.
Rockstar is committed to creating a work environment that promotes equal opportunity, dignity and respect. In line with this commitment, Rockstar will provide reasonable accommodations to qualified job applicants with disabilities during the recruitment process in order for such applicants to be considered for the position for which they are applying, as well as to qualified employees to enable them to perform the essential functions of their roles. If you need more information about Rockstar’s reasonable accommodation policies or process, or need to request an accommodation, please notify your recruiter during the interview process.
If you’ve got the right skills for the job, we want to hear from you. We encourage applications from all suitable candidates regardless of age, disability, gender identity, sexual orientation, religion, belief, race, or any other protected category.
#LI-BW1
The pay range for this position in New York State (inclusive of New York City) at the start of employment is expected to be between the range below* per year. However, base pay offered is based on market location, and may vary further depending on individualized factors for job candidates, such as job-related knowledge, skills, experience, and other objective business considerations.
Subject to those same considerations, the total compensation package for this position may also include other elements, including a bonus and/or equity awards, in addition to a full range of medical, financial, and/or other benefits. Details of participation in these benefit plans will be provided if an employee receives an offer of employment. If hired, employee will be in an "at-will position" and the company reserves the right to modify base salary (as well as any other discretionary payment or compensation or benefit program) at any time, including for reasons related to individual performance, company or individual department/team performance, and market factors.