Senior Offensive Security Engineer at Sporty Group

Europe

Apply with AI Apply

Not SpecifiedCompensation

Senior (5 to 8 years)Experience Level

Full TimeJob Type

UnknownVisa

Online Gaming, Sports TechnologyIndustries

Requirements

Candidates must have over 5 years of experience in application security or offensive security, with a focus on web and API security. Proficiency in authentication mechanisms like OAuth/OIDC, access control vulnerabilities such as IDOR/BOLA, SSRF, and injection attacks is required. Strong scripting skills in Python, Go, or JavaScript, along with experience using proxy tools like Burp Suite or ZAP, are essential. Excellent communication skills to articulate technical risks in terms of business impact are also necessary.

Responsibilities

This role involves planning and executing offensive security engagements across web, mobile, and API surfaces, including authentication flows and business logic. The engineer will build repeatable test harnesses, document exploit chains, and file detailed issues with risk assessments and remediation guidance. Responsibilities also include partnering with engineering teams on design reviews, fixes, and validation, mentoring peers, and contributing to threat modeling and secure design patterns.

Skills

Offensive Security

Web Application Security

Mobile Application Security

API Security

Authentication (OAuth/OIDC)

Access Control (IDOR/BOLA)

SSRF

Injection Vulnerabilities

Python

JavaScript

Burp Suite

OWASP ZAP

Threat Modeling

Secure Design Patterns

Scripting

Exploit Development

Sporty Group

Sports app for news, scores, streaming

About Sporty Group

Sporty.com is a sports app designed for sports enthusiasts, offering features such as sports news, live football scores, live streaming, sports odds, and interactive chat. Users can follow, like, share, and watch sports content without any cost or advertisements, creating a seamless experience. The app targets sports fans who want real-time information and community engagement. Unlike competitors, Sporty.com provides free access to its services, aiming to build a large user base that can be monetized through partnerships and sponsorships in the future. The goal of Sporty.com is to enhance the sports viewing experience while fostering a loyal community of sports fans.

Campbell, CaliforniaHeadquarters

2013Year Founded

VENTURE_UNKNOWNCompany Stage

Consumer Software, EntertainmentIndustries

51-200Employees

Benefits

Quarterly Bonus

Flexible Work Hours

Paid Vacation

Annual Company Retreat

Risks

Resource allocation to Sociable Soccer may divert focus from Sporty.com's core offerings.

Technical integration of Sociable Soccer may affect user experience on Sporty.com.

Unified login system poses potential cybersecurity risks if not properly managed.

Differentiation

Sporty.com offers a free, ad-free sports app experience, unlike many competitors.

The app provides interactive features like chats with football legends, enhancing user engagement.

Sporty.com integrates live scores, streaming, and sports news in one seamless platform.

Upsides

Acquisition of Sociable Soccer expands Sporty Group's reach into the gaming sector.

Partnerships with sports organizations enhance content and provide monetization opportunities.

Growing demand for real-time sports information boosts Sporty.com's user base.

Land your dream remote job 3x faster with AI

Try Jobo Free