Senior Application Security Engineer

At Fortis Games, we aspire to create great games that unite people and redefine how game companies operate. We foster a sense of belonging through our games, communities, and our internal culture. Our goal is to build powerful connections and lasting memories, promoting diversity, equity, and inclusion in everything we do. As an early-stage organization led by industry veterans, we offer opportunities for significant impact on our products and company direction. If you are passionate about solving challenging problems with clear communication and a team-first approach, you might be a great fit for us.

We are hiring a Senior Applications Security Engineer responsible for managing all aspects of our application cybersecurity needs.

1. Manage the application security technology stack (SAST, DAST, etc.) and related processes to reduce vulnerabilities.
2. Collaborate with engineering teams, consultants, and leadership to address security risks and recommend mitigations within the Secure Software Development Lifecycle (SSDLC).
3. Validate security controls to ensure compliance with industry standards like OWASP Top 10.
4. Track project progress using project management tools such as ClickUp, Notion, and Google Suite.
5. Build strong relationships with cross-functional teams to ensure timely and high-quality project delivery.
6. Conduct audits and assessments to identify risks and develop remediation plans.
7. Prepare reports and communicate security posture across the organization.

1. Experience working in an Application Security team, preferably in a mobile gaming context.
2. Proficiency in code analysis, automation, and scripting.
3. Expertise in integrating security solutions into SSDLC and CI/CD pipelines (e.g., GitHub Actions) in microservice environments using Kubernetes.
4. Experience with build and deploy processes, infrastructure-as-code (IaC), and CI/CD pipelines.
5. Knowledge of multiple programming languages such as C#, TypeScript, JavaScript.
6. Ability to analyze critical codebase sections and identify vulnerabilities.
7. Experience with SCA, SAST, DAST tools and interpreting their outputs.
8. Ability to define security testing strategies for complex systems.
9. Understanding of international security and privacy standards like GDPR.
10. Familiarity with automated attack tools and mitigation techniques.
11. Knowledge of OWASP Top 10 security issues and how to address them.
12. Understanding of scalable, reliable enterprise application architectures and how to secure them.

We offer several compelling reasons to join Fortis Games:

• We are innovating how game studios operate, with a focus on creating connected communities through our games.
• We prioritize building inclusive communities within our organization, celebrating diversity and fostering growth.
• Join a seasoned team of professionals who have made impactful contributions both within and outside of gaming.

Fortis is an Equal Opportunity Employer. All qualified applicants will be considered regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability, or other protected characteristics.