Senior Application Security Engineer

Who we are

At Fortis Games, we aim to create great games that bring people together and redefine how game companies operate. We foster a sense of belonging through our games, communities, and company culture, emphasizing diversity, equity, and inclusion. Our leadership team comprises industry veterans, offering opportunities for significant impact on our products and company direction. If you are passionate about solving challenging problems with clear communication and a team-first approach, you might be a great fit for us.

About the role

Fortis Games is seeking a Senior Applications Security Engineer responsible for managing all aspects of the company's application cybersecurity needs.

What you'll achieve

• Manage the application security technology stack (SAST, DAST, etc.) and related processes to reduce vulnerabilities.
• Collaborate with engineers, consultants, and leadership to address security risks and recommend mitigations within the Secure Software Development Lifecycle (SSDLC).
• Validate security controls to ensure compliance with industry standards such as OWASP Top 10.
• Track project progress using tools like ClickUp, Notion, and Google Suite.
• Build relationships with cross-functional teams to ensure timely and high-quality project execution.
• Conduct audits and assessments to identify risks and develop remediation plans.
• Create reports and communicate security posture across the organization.

What you’ll need to be successful

• Experience in an Application Security team, preferably within a mobile gaming organization.
• Proficiency in code analysis, automation, and scripting.
• Expertise in integrating security solutions into SSDLC and CI/CD pipelines (e.g., GitHub Actions) in microservice environments using Kubernetes.
• Experience with build and deploy processes, Infrastructure-as-Code (IaC), and CI/CD pipelines.
• Knowledge of multiple programming languages such as C#, TypeScript, and JavaScript.
• Ability to analyze critical codebase components and identify vulnerabilities.
• Experience with SCA, SAST, DAST tools, and interpreting their outputs.
• Ability to define security testing strategies for complex systems.
• Understanding of international security and privacy standards like GDPR.
• Familiarity with automated attack tools and mitigation development.
• Knowledge of OWASP Top 10 and related security issues.
• Understanding of scalable, reliable enterprise application architectures and how to secure them.

Why join us

• We are innovating how game studios operate, focusing on creating connected communities through our games.
• We value building inclusive communities for our team, promoting diversity, inclusivity, and growth.
• Join a talented, experienced team that has made significant impacts both within and outside the gaming industry.

Fortis is an Equal Opportunity Employer. All qualified applicants will receive consideration regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability, or other protected categories.