Sr. Product Security Engineer

Responsibilities :

Tencent is a leading innovator in the gaming industry, dedicated to delivering top-quality games while ensuring the highest standards of security.

We are seeking a highly skilled and experienced Senior Product Security Engineer to join our Security & Compliance team and enhance our game development security practices.

• Design, build, and deploy DevSecOps processes and tools tailored to game development studios.
• Lead the development and implementation of security measures for our game products throughout the development lifecycle.
• Conduct security assessments, including threat modeling, vulnerability analysis, and risk assessments specific to game development.
• Create and maintain security protocols, policies, and procedures to protect sensitive data and ensure compliance with industry standards and regulations.
• Collaborate with game development teams to integrate security best practices and ensure secure coding standards.
• Perform penetration testing, code reviews, and security audits to identify and mitigate potential security threats in game products.
• Stay up-to-date with the latest security trends, technologies, and regulatory requirements relevant to the gaming industry.
• Respond to and manage security incidents, providing timely resolution and post-incident analysis.
• Work closely with cross-functional teams, including IT, legal, and compliance, to ensure a comprehensive security strategy for game products.

Requirements :

• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
• 5+ years of experience in product security engineering or a similar role, preferably in the gaming industry.
• Proven experience in designing, building, and deploying DevSecOps processes and tools.
• Strong knowledge of security best practices, threat modeling, risk assessment, and vulnerability management.
• Proficiency in security tools and technologies, such as static and dynamic analysis tools, penetration testing frameworks, secret scanning / software composition Analysis tools and incident response platforms.
• Experience with CI / CD tools and integrating security into continuous integration and delivery pipelines.
• Expertise in secure coding practices and familiarity with programming languages such as Python, C / C++, Java, or similar.
• In-depth understanding of network security, encryption, authentication, and access control mechanisms.
• Excellent problem-solving skills and the ability to work effectively under pressure.
• Strong communication skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders.
• Preferred : Experience in the gaming industry, familiar with game development and publishing tech stack and processes
• Relevant certifications such as CISSP, CEH, OSCP, or similar are highly desirable.

Location State(s)

CaliforniaThe base pay range for this position in the state(s) above is $120,000 to $249,600 per year. Actual pay is based on market location and may vary depending on job-related knowledge, skills, and experience.

A sign on payment, relocation package, and restricted stock units may be provided as part of the compensation package, as well as other medical, financial, and / or other benefits, dependent on the specific position offered.