Nintendo of America Inc.
The worldwide pioneer in the creation of interactive entertainment, Nintendo Co., Ltd., of Kyoto, Japan, manufactures and markets hardware and software for its Nintendo Switch™ system and the Nintendo 3DS™ family of portable systems. Since 1983, when it launched the Nintendo Entertainment System™, Nintendo has sold billions of video games and hundreds of millions of hardware units globally, including Nintendo Switch and the Nintendo 3DS family of systems, as well as the Game Boy™, Game Boy Advance, Nintendo DS™ family of systems, Super NES™, Nintendo 64™, Nintendo GameCube™, Wii™, and Wii U™ systems. It has also created industry icons that have become well-known, household names, such as Mario, Donkey Kong, Metroid, Zelda and Pokémon. A wholly owned subsidiary, Nintendo of America Inc., based in Redmond, Wash., serves as headquarters for Nintendo's operations in the Americas. For more information about Nintendo, please visit the company's website at http://www.nintendo.com.
Nintendo is an equal opportunity employer. We offer a welcoming and inclusive environment in service to one another, our products, the diverse consumers we represent, and the communities we call home. We do all of this with kindness, empathy and respect for each other.
Do you get excited by the challenge of analyzing data? Do you love to “purple team” your way into understanding the latest threat vectors? Do you want to defend a global gaming company from threat actors? Nintendo of America is looking for an experienced Security Engineer to join our Security Engineering team to help analyze indicators to generate actionable intelligence and insight into current threats.
As a Security Engineer, you will perform cyber threat intelligence analysis, correlate actionable security events, and collaborate with various internal teams to design, optimize and analyze security postures across Nintendo of America entities and enhance global security and operations. Your subject matter expertise and your excellent communication skills will help you convey your thoughts and ideas to evangelize these capabilities across multiple teams.DESCRIPTION OF DUTIES
- Performs application penetration tests on a variety of services and web applications.
- Reviews and analyzes source code in large applications using manual, dynamic, and static scanning methodologies.
- Performs security architecture reviews of in-house, SaaS, and vendor applications.
- Provides application vulnerability remediation guidance, priority, and recommendations to developers and administrators.
- Collaborate with development teams to build security practices into CI/CD pipelines.
- Engages in incident response activities.
- Provides guidance on data analysis and reporting including use of complex analysis or machine learning.
- Builds automation around security investigation and response workflows.
- Develops, documents, and executes threat hunting operations in complex web applications to detect known adversary TTPs.
- Build threat models around applications to quantify our security risk against known adversary behaviors and campaigns
- Detect and respond to advanced threats, actor techniques, anomalous or suspicious activity, combined with intelligence, to identify potential and active risks to systems and data
- Maintains, upgrades, operates, advises and cross-trains team members on security operations platforms.
SUMMARY OF REQUIREMENTS
- Strong knowledge of web service technologies, load balancer services, and APIs.
- Strong knowledge of application vulnerabilities and remediations, secure coding best practices, and development lifecycles.
- Understanding of Threat Modeling and ability to communicate security requirements
- Advanced skill in one or more general purpose development languages such as Python, Ruby, Go, bash, or PowerShell.
- Experience working in multiple security domains such as platform hardening, vulnerability management, web application and browser security, penetration testing, applied cryptography, network protocols and secure network design.
- Proven experience with work on complex security issues where analysis of situations or data requires an in-depth evaluation of variable factors.
- Bachelor of Science degree in Computer Science, Computer Engineering, Electrical Engineering, Information Technology, Information Systems, or related field or equivalent combination of education and experience.
Apply on company website