Responsibilities :
Tencent is a leading innovator in the gaming industry, dedicated to delivering top-quality games while ensuring the highest standards of security.
We are seeking a highly skilled and experienced Senior Product Security Engineer to join our Security & Compliance team and enhance our game development security practices.
- Design, build, and deploy DevSecOps processes and tools tailored to game development studios.
- Lead the development and implementation of security measures for our game products throughout the development lifecycle.
- Conduct security assessments, including threat modeling, vulnerability analysis, and risk assessments specific to game development.
- Create and maintain security protocols, policies, and procedures to protect sensitive data and ensure compliance with industry standards and regulations.
- Collaborate with game development teams to integrate security best practices and ensure secure coding standards.
- Perform penetration testing, code reviews, and security audits to identify and mitigate potential security threats in game products.
- Stay up-to-date with the latest security trends, technologies, and regulatory requirements relevant to the gaming industry.
- Respond to and manage security incidents, providing timely resolution and post-incident analysis.
- Work closely with cross-functional teams, including IT, legal, and compliance, to ensure a comprehensive security strategy for game products.
Requirements :
- Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
- 5+ years of experience in product security engineering or a similar role, preferably in the gaming industry.
- Proven experience in designing, building, and deploying DevSecOps processes and tools.
- Strong knowledge of security best practices, threat modeling, risk assessment, and vulnerability management.
- Proficiency in security tools and technologies, such as static and dynamic analysis tools, penetration testing frameworks, secret scanning / software composition Analysis tools and incident response platforms.
- Experience with CI / CD tools and integrating security into continuous integration and delivery pipelines.
- Expertise in secure coding practices and familiarity with programming languages such as Python, C / C++, Java, or similar.
- In-depth understanding of network security, encryption, authentication, and access control mechanisms.
- Excellent problem-solving skills and the ability to work effectively under pressure.
- Strong communication skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders.
- Preferred : Experience in the gaming industry, familiar with game development and publishing tech stack and processes
- Relevant certifications such as CISSP, CEH, OSCP, or similar are highly desirable.
Location State(s)
CaliforniaThe base pay range for this position in the state(s) above is $120,000 to $249,600 per year. Actual pay is based on market location and may vary depending on job-related knowledge, skills, and experience.
A sign on payment, relocation package, and restricted stock units may be provided as part of the compensation package, as well as other medical, financial, and / or other benefits, dependent on the specific position offered.