- Published: May 2, 2021
Moon Active is headquartered in the heart of Tel Aviv and is one of the world's fastest-growing mobile game companies, providing entertainment for millions of active users across the globe.
We’re looking for talented and inspired individuals to be part of an elite group of application security researchers.
As an Application Security Researcher, you will take an active role in guiding our development teams, helping manage Moon Active Secure Development lifecycle in products that serve millions of users daily. You will work with internal development teams to ensure Moon Active mobile games are designed and implemented securely.
- Primarily responsible for working closely with the development teams to conduct design review, code review, and dynamic analysis.
- Identify, communicate, and drive the resolution of vulnerabilities.
- Research and advocate for new security solutions and technologies.
- Continue to drive security evaluation earlier in the cycles through iterative security testing
- Implement and govern automated secure coding tools and processes (SAST, IAST) to review code as it is written, promoted through the development lifecycle, and into production
- Operate as an incident responder for triage pertaining to web-based vulnerabilities
- Proven experience in high-level code auditing on backend (3 years or relevant military service)
- Proven experience in AppSec research, including deep understanding of major AppSec attacks, vulnerabilities and mitigations including SQL Injection, Deserialization, RCE, etc. (3 years or relevant military service)
- Familiarity with a wide range of programming languages (Go, Java, Kotlin, etc.) and Software Development Life Cycle (SDLC).
- Familiarity with cloud environments - AWS and GCP in particular
- Familiarity with a wide range of database types and architectures
- Optional: You found a high-severity vulnerability in a popular app
- Optional: familiar with mobile application platforms and APIs like Google Play, App Store