Lead Application Security Engineer

Join Skillz and Level Up Your Career!

Are you ready to take your career to the next level? Join Skillz, the first publicly-traded mobile esports platform that hosts billions of casual mobile gaming tournaments for millions of players worldwide. Skillz is revolutionizing the gaming industry, providing the ultimate platform for competitive mobile games. By fostering social competition within games, Skillz empowers developers to create multi-million dollar franchises while connecting players through fair, enjoyable, and meaningful competition.

At Skillz, we firmly believe that everyone is born with unique skills and deserves to experience an epic win. We understand the thrill of achievement and the satisfaction of overcoming challenges. That's why we passionately champion game developers and players alike, empowering them to unleash their full potential through the power of competition.

Life @ Skillz

• Culture of Impact: Join a united team of builders, creators, innovators, and entrepreneurs driven by the desire to win. At Skillz, we create value and make a difference in the world.
• Comprehensive Benefits: Enjoy peace of mind with our comprehensive benefits package, which includes 100% coverage for medical, dental, and vision expenses for both you and your entire family. Additionally, take advantage of our 401K matching, equity incentives, pre-tax benefit options, and more.
• Wellness Support: Enhance your well-being with our array of wellness initiatives, including meditation and mental health resources, physical fitness coaching and classes, family planning assistance, health and parenting guidance, virtual therapy sessions, and more.
• Perks: We believe in enhancing your work experience. Enjoy daily breakfast, lunch, dinner, snacks, Friday Happy Hours, a full-size gym with showers, commuter benefits, insurance, and many more. We also offer competitive paid time off (PTO) & company holidays to help you recharge and pursue your passions.

Why Skillz?

• Pioneers of Skill-Based Competition: Skillz is not just any company in the gaming industry; we are the pioneers of skill-based competition, partnered with industry titans like UFC, NFL, T-Mobile, Buzztime, Bowlero, while also hosting renowned events like the Game Developer Conference (GDC). Join us in transforming the way people play games and building the home of competition for all.
• Impact Beyond Gaming: Skillz harnesses the power of its platform to support nonprofit organizations such as Susan G. Komen, American Cancer Society, the NAACP, and more. By participating in Skillz tournaments, you can make a difference and contribute to causes you care about.
• Recognized Success: Skillz has earned recognition as one of Fast Company's Most Innovative Companies, CNBC's Disruptor 50, San Francisco Business Times' Best Places to Work, Forbes' Next Billion-Dollar Startups, and the #1 fastest-growing company in America on the Inc. 5000 list, and many more.
• Talent Magnet: Join a team of talented professionals who are passionate about what they do. Our team includes experts from Meta, Apple, Amazon, Google, Microsoft, Tesla, Twitter (X), Roblox, Zynga, Samsung, Lyft, EA, Riot, Nexon, Gameskraft, PlayStation, Unity, Scopely, Tinder, Intel, Deloitte, EY, Twitch, DraftKings, and more.

The Future of Gaming Awaits!

The gaming industry is larger than movies, music, and books combined, with over 3 billion active gamers playing monthly and over 25 million active developers worldwide. Mobile gaming, in particular, is the fastest-growing segment, projected to reach $300 billion by 2025. At Skillz, you have the opportunity to be at the forefront of this exciting industry and shape its future. We are seeking a Senior Manager, Talent Acquisition who will play a pivotal role in attracting A+ talent to help shape our next-generation platform. This is an opportunity for a dynamic, driven leader to make a significant impact by building a world-class team aligned with our culture and mission.

Job Description:

As the Lead Application Security Engineer - you'll spearhead the technical vision and strategy for the Application Security organization. Your role involves shaping the technical direction for our infrastructure, supporting the growth of our core business, and venturing into new domains.

What we are looking for:

• Proficiency in Programming Languages: Strong expertise in one or more general-purpose languages such as Golang, Java, or Python.
• Distributed Systems & Containerized Environments: Ability to analyze and secure distributed, multi-tiered, containerized systems, including microservices architectures and managing Kubernetes environments with multiple ingress points.
• Cloud Security Expertise: In-depth knowledge of securing cloud resources and network devices on public cloud platforms such as AWS or GCP .
• Security Best Practices Across SDLC : Experience in integrating security best practices throughout the development lifecycle, from design reviews and threat modeling to ensuring proper security in CI /CD pipelines and feature development.
• Penetration Testing & Vulnerability Management: Skilled in securing public-facing endpoints through regular penetration testing (including white, black, and grey box testing), DAST , SAST , fuzz testing, and utilizing EDR (Endpoint Detection and Response) tools.
• Application Security Advocacy: Strong understanding of industry-leading coding practices and application design principles, with the ability to promote and advocate these practices within the team.
• Continuous Learning & Awareness: Keeps up-to-date with the latest security trends, vulnerabilities, and frameworks (e.g., OWASP Top 10, NIST SP 800-53, CWE Top 25).
• Problem-Solving & Debugging: Exceptional problem-solving abilities and expertise in debugging and troubleshooting complex security and application issues.

• Education: BA / BS in Computer Science or a related technical field, or equivalent practical experience.
• Software Development: Over 7 years of experience in software development, with a strong focus on building scalable and secure applications.
• Application Security Expertise: 4+ years of hands-on experience in application security roles, including securing web and mobile applications, network security, and infrastructure security.
• Compliance Experience: Familiarity with regulatory compliance frameworks such as SOX and PCI , and experience ensuring application security meets these requirements.
• Security Tooling Proficiency: Practical experience with leading application security tools, including Burp Suite, Semgrep, and TruffleHog for vulnerability scanning, code analysis, and secrets detection.

• Total Comp: 160K - 500K depending on final level & location.

Join Skillz and Let's Redefine the Boundaries of Gaming!

Together, we'll create a world where skill, passion, and innovation thrive. Join our team and be part of the journey. We look forward to having you on board!

#LI-JM1

#ONSITE