FreeHire

Moon Active

Application Security Researcher

Show

Moon Active is one of the world’s fastest-growing mobile game companies, providing entertainment to millions of active users across the globe. The company is headquartered in the heart of Tel Aviv.

We’re looking for an experienced Application Security Researcher to join our Security team. As an Application Security Researcher, you’ll take an active role in guiding our development teams to ensure Moon Active’s mobile games are designed and implemented securely. You'll be helping manage Moon Active’s secure development lifecycle in our products that serve millions of users daily. In your role, you will help secure the company’s use of AI and enable its safe adoption across the organization. At the same time, you will use AI extensively in your own work to improve the effectiveness and impact of security.

Responsibilities

  • Collaborate with the development teams to conduct design review, code review, and dynamic analysis.
  • Identify, communicate and drive the resolution of vulnerabilities.
  • Research and advocate for new security solutions and technologies.
  • Continue to drive early security evaluation by conducting iterative security testing.
  • Design and develop AI-powered internal security tools to automate security processes
  • Operate as an incident responder for triage pertaining to applicative vulnerabilities.


Requirements

  • 3+ years of proven experience in AppSec research, including a deep understanding of major AppSec attacks, vulnerabilities and mitigations including SQL injection, Deserialization, RCE, etc or relevant military service.
  • 3+ years of proven experience with high-level code auditing on backend or relevant military service.
  • Familiarity with a wide range of programming languages (Go, JavaScript, TypeScript, etc) and Software Development Life Cycle (SDLC).
  • Hands-on experience in leveraging AI capabilities for Application Security.
  • Deep understanding of how to secure AI-powered applications.

An advantage:

  • Experience with cloud environments - specifically AWS and GCP
  • Found a high-severity vulnerability in a popular app
  • Familiar with mobile application platforms and APIs like Google Play, App Store


#LI-Hybrid