Application Security Specialist

5 Months ago • 3 Years + • Cyber Security

Job Summary

Job Description

Xsolla seeks an Application Security Specialist to enhance its security posture. Responsibilities include penetration testing (black box and grey box) of core services, identifying and resolving vulnerabilities, collaborating with development teams, conducting security assessments, and participating in the bug bounty program. The role requires expertise in Linux, PHP/JavaScript, OWASP, and BurpSuite, along with a strong understanding of web application attacks and security best practices. The specialist will also contribute to secure coding training and the implementation of new security systems. The ideal candidate will have at least 3 years of relevant experience.
Must have:
  • Proficiency in Linux, penetration testing, PHP/JavaScript, OWASP, BurpSuite
  • 3+ years experience in application security
  • Understanding of web application attacks and defenses
  • Collaboration with developer teams
  • Secure coding practices knowledge
Perks:
  • Convenient work tools
  • Latest Mac workplaces
  • Free trainings
  • Flexible hours
  • No dress code
  • Comfortable office environment

Job Details

Join Xsolla as an Application Security Specialist, where you’ll dive deep into our infrastructure, architecture, services, and tools to strengthen our security posture. This role offers an exciting opportunity to conduct rigorous penetration testing across Blackbox and Greybox environments. You’ll work closely with developer teams, contribute to the security of our payment systems, and help secure our core services. If you're passionate about Linux, PHP/JavaScript, OWASP, and BurpSuite, and have the drive to innovate security processes, we want to meet you!

RESPONSIBILITIES

    • Familiarize yourself with and master our current infrastructure, services, and tools.
    • Conduct thorough penetration testing of core services in Blackbox and Greybox environments.
    • Identify and investigate vulnerabilities in the company’s products, ensuring they are resolved according to SLAs.
    • Collaborate effectively with product development, IT, and management teams to ensure vulnerabilities are addressed.
    • Conduct security assessments of the company’s service architecture and offer improvement suggestions.
    • Engage in the study of payment systems’ technologies and operations.
    • Assist in the implementation of the security code review process and SDLC automation.
    • Actively participate in the Bug Bounty program and other information security incident investigations.
    • Regularly utilize tools like BurpSuite and various scanners for vulnerability testing and reporting.
    • Develop and conduct training sessions to educate developers on secure coding practices and vulnerability mitigation.
    • Take part in the selection and implementation of new information security systems and processes.

REQUIREMENTS

    • Proficiency in Linux, penetration testing (Blackbox/Greybox), PHP/JavaScript, OWASP, BurpSuite/OWASP ZAP.
    • At least 3 years of relevant experience in application security or a similar role.
    • Strong understanding of web application attacks, how to exploit them, and appropriate defense techniques.
    • Familiarity with manual and automated security analysis tools and experience with SDLC practices.
    • Experience in testing payment systems and an eagerness to learn about their operation and associated technologies.
    • Solid understanding of networking principles and how modern web applications work.
    • Demonstrated ability to work collaboratively with developer teams to mitigate vulnerabilities.
    • Initiative and innovative mindset to create and improve security processes.
    • Strong communication skills and a proactive approach to addressing security challenges.
    • Comfortable with verbal and written communication in English.
BENEFITS:

Convenient work tools
Latest Mac workplaces + additional hardware to make you more effective at work
Google Chat, Gmail, Google Drive, Confluence, Jira, GitLab

Professional growth
Free trainings and participation in specialized conferences
Rich knowledge exchange within the company

More perks
Flexible hours: organize your day according to your needs and sprint & teamwork demands
No dress code
Comfortable and new office environment 

ABOUT XSOLLA

Xsolla is a global video game commerce company with a robust and powerful set of tools and services designed specifically for the video game industry. Since its founding in 2005, Xsolla has helped thousands of game developers and publishers of all sizes fund, market, launch and monetize their games globally and across multiple platforms. As an innovative leader in in-game commerce, Xsolla’s mission is to solve the inherent complexities of global distribution, marketing, and monetization to help our partners reach more geographies, generate more revenue and create relationships with gamers worldwide. Xsolla is headquartered and incorporated in Los Angeles, California, with offices in Berlin, Seoul, and cities worldwide. Xsolla supports major gaming titles like Valve, Twitch, Roblox, Ubisoft, Epic Games, Take-Two, KRAFTON, Nexters, NetEase, Playstudios, Playrix, miHoYo, and more. 

For additional information and to learn more, please visit xsolla.com

PHYSICAL DEMANDS

The physical demands for this position are sits, stands, bends, lifts, and moves intermittently during working hours. These physical requirements may be accomplished with or without reasonable accommodations. 

The duties of this position may change from time to time so the individual and organization can achieve their results. This job description is intended to describe the general level of work being performed. It is not intended to be all-inclusive.

Longevity Opportunity Vision Enjoy the game.

Similar Jobs

VOID Interactive - Release Manager

VOID Interactive

(Remote)
1 Month ago
ION - Technical Consultant - Endur

ION

Jersey City, New Jersey, United States (On-Site)
6 Months ago
Social Discovery Group - Manual QA Engineer (Mobile & Web API Testing)

Social Discovery Group

Georgia (Remote)
3 Months ago
Easygo - HR Business Partner - Brazil

Easygo

São Paulo, State Of São Paulo, Brazil (On-Site)
2 Months ago
Playrix - Senior QA Engineer (Mobile)

Playrix

Montenegro (Remote)
6 Months ago
Canva - Security Engineering Director - Detection & Response - Remote across ANZ

Canva

Melbourne, Victoria, Australia (Remote)
5 Months ago
Rackspace Technology - SOC Lead (Sentinel experience required)

Rackspace Technology

India (Remote)
3 Months ago
Epic Games - Threat Intelligence Manager

Epic Games

(On-Site)
1 Month ago
ByteDance - Senior Software Engineer - Network Security

ByteDance

San Jose, California, United States (On-Site)
1 Month ago
Larian Studios - Lead Security & Network Engineer

Larian Studios

Guildford, England, United Kingdom (On-Site)
2 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Light Speed Studios - Associate Cinematic Producer

Light Speed Studios

Irvine, California, United States (On-Site)
1 Month ago
Evolution - JavaScript / TypeScript Engineer (React)

Evolution

Tallinn, Harju County, Estonia (On-Site)
2 Months ago
Nintendo - Cinematic Technical Animator (Retro Studios)

Nintendo

United States (Remote)
9 Months ago
MyGames - Lead Localization Manager

MyGames

(Remote)
1 Month ago
Krafton  - IT Service Architect

Krafton

Seoul, South Korea (On-Site)
1 Month ago
Nintendo - Email Marketing Coordinator

Nintendo

Redmond, Washington, United States (Hybrid)
5 Months ago
Wind River Systems - Member of Technical Staff

Wind River Systems

Bengaluru, Karnataka, India (On-Site)
6 Months ago
Hangar 13 - Principal AI Designer

Hangar 13

Brighton And Hove, England, United Kingdom (On-Site)
2 Months ago
Gamezop - Quality Assurance Engineer

Gamezop

India (Remote)
8 Months ago
Interactive Brokers - Associate / Senior Associate - Institutional Services

Interactive Brokers

Singapore (Hybrid)
6 Months ago

Get notifed when new similar jobs are uploaded

Jobs in Baku, Azerbaijan

Xsolla - Tech Lead - Metasites

Xsolla

Baku, Azerbaijan (Hybrid)
3 Months ago
N-iX - Senior Database Engineer

N-iX

Azerbaijan (Remote)
2 Months ago
Xsolla - Senior Backend Developer

Xsolla

Baku, Azerbaijan (On-Site)
1 Month ago
Xsolla - Customer Support Representative

Xsolla

Baku, Azerbaijan (On-Site)
3 Months ago
N-iX - Senior Data Engineer

N-iX

Azerbaijan (Remote)
1 Month ago
Xsolla - Middle+/Senior IT Recruiter

Xsolla

Baku, Azerbaijan (Remote)
1 Month ago
Xsolla - Front End Software Engineer

Xsolla

Baku, Azerbaijan (On-Site)
1 Month ago
Xsolla - Middle / Senior QA for Xsolla Account

Xsolla

Baku, Azerbaijan (On-Site)
6 Months ago
Xsolla - PHP Backend Developer

Xsolla

Baku, Azerbaijan (Hybrid)
3 Months ago
Xsolla - Middle / Senior Backend Developer for Xsolla Account

Xsolla

Baku, Azerbaijan (On-Site)
6 Months ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

Immutable - Application Security Engineer

Immutable

Sydney, New South Wales, Australia (Hybrid)
2 Months ago
Magna International - Sr. Penetration Test Engineer

Magna International

Bengaluru, Karnataka, India (On-Site)
7 Months ago
Rackspace Technology - SOC Analyst L2

Rackspace Technology

Gurugram, Haryana, India (Remote)
1 Month ago
PwC - Manager - Assurance - IT Audit

PwC

Jakarta, Jakarta, Indonesia (On-Site)
7 Months ago
PwC - Risk Services - AI Strategy Lead

PwC

Singapore (On-Site)
7 Months ago
OKX - Graduate Hire 2024/25 - SRE/Security Engineer

OKX

Hong Kong (On-Site)
6 Months ago
NVIDIA - Senior AI System Security Architect - Networking

NVIDIA

Tel Aviv-Yafo, Tel Aviv District, Israel (On-Site)
3 Months ago
ION - Security Architect, Italy

ION

Italy (Hybrid)
6 Months ago
The Walt Disney Company - Manager, Studios Cybersecurity Risk and Product Security

The Walt Disney Company

Glendale, California, United States (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

About The Company

Xsolla's video game business engine helps game developers and publishers operate more efficiently and sell more games. Serving only the video game industry, Xsolla caters to businesses from indie to enterprise, with solutions that solve the complexities of distribution, marketing, and monetization so developers, publishers, and platform partners. Our goal is to increase your audience, sales and revenue.


Headquartered in Los Angeles, with offices worldwide, Xsolla operates as a merchant and seller of record for major gaming entities like Valve, Twitch, Ubisoft, Epic Games, and PUBG Corporation. 

Beijing, China (On-Site)

Baku, Azerbaijan (Hybrid)

Los Angeles, California, United States (Hybrid)

Montreal, Quebec, Canada (Hybrid)

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)

View All Jobs

Get notified when new jobs are added by Xsolla

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug