MPL Gaming - Security Engineer - Penetration Testing (1-4 yrs)

Roles and responsibilities :

- Perform regular pentest of organizational assets

- Managing a bug bounty program

- Prioritize security findings and work with engineering teams in resolving them at the earliest.

- Work with third party vendors to solve security challenges and perform pentests

- Work on a diverse domain of information security across the organization, most importantly infrastructure and product security

- Develop automation for security testing in the CI/CD pipeline

- Automate parts of infrastructure security and develop/implement security automation to solve manual effort on a day-day basis

- Run ongoing Red team exercises.

What are we looking for in a candidate (Skillset) :

- 1+ years of hands-on experience with GCP workloads.

- 2+ years of hands-on experience with Vulnerability Assessment and Penetration Testing

- Detailed working knowledge of application vulnerabilities for consumer mobile applications (Android, iOS) and API endpoints and remediation techniques

- Thorough understanding of OWASP Top 10 for Web, Mobile and APIs

- Hands-on experience with security tools such as Frida, BurpSuite, Nessus, Metasploit etc.

- Good understanding of microservices application architecture, threat modelling and identifying privacy issues and data leaks

- Breadth of technical knowledge in any 2 of these, application security, mobile security, data security, cloud security.

- Hacker mindset. Like to find ways to bypass systems and find vulnerabilities.

- Passion to learn new things, solve challenging problems

- Ability to code in one scripting language (Python, Go, Java, C etc.)

- Ability to automate repetitive tasks

- If you can find a high/critical vulnerability in MPL, we would be very much interested in having a chat with you, plus a bounty of course

- Good communication and stakeholder management skills

Good to haves

Actively participates in bug bounty programs & CTFs

Strong understanding of Mobile, Web and microservice architecture