Security Engineer – Game Security & Platform Protection
Worldwide
Seeking a Security Engineer to join the Information Security team. This role focuses on securing the client, backend, and content distribution layers of games, with a strong emphasis on game integrity, asset protection, and secure platform engineering. This is a highly technical, hands-on role for someone who can operate across game engines, backend systems, and cloud infrastructure while building scalable security solutions embedded directly into development pipelines. What You Will Do 1. Secure Game Clients & Content Pipelines - Lead initiatives to harden asset bundles and content delivery pipelines. - Design and implement: o Signed asset manifests and validation mechanisms o Integrity verification for downloaded content o Secure bundle loading controls and trusted source enforcement o Expiration and validation of CDN-delivered metadata - Identify and eliminate risks such as: o Leaked internal endpoints o Exposure of hidden or test features o Reverse-engineering vectors via client assets 2. Evolve Game Integrity & Signature Systems - Redesign and strengthen signature and secret management models. - Drive: o Per-game and per-platform secret isolation o Secure key storage and rotation strategies o Backward-compatible signature evolution - Reduce systemic risk from shared cryptographic implementations. 3. Strengthen Third-Party SDK Security - Build and maintain a governance model for third-party SDKs. - Lead: o SDK inventory and permission analysis o Removal of unused or high-risk integrations o Security review and approval workflows for new SDKs o Monitoring of vulnerabilities and version drift - Partner with engineering teams to sandbox or isolate high-risk SDKs. 4. Embed Security into Game Development - Work directly with game teams (Unity and backend) to: o Integrate security into CI/CD pipelines (Bamboo, GitHub Actions) o Automate scanning, validation, and enforcement o Improve secure coding practices across client and server codebases - Support development across: o Unity (client) o ASP.NET Core backends o React and Angular frontends 5. Build Secure Cloud-Native Systems - Design and implement security controls across AWS environments, including: o IAM and access control models o Containerized workloads (ECS, EKS, ECR) o EC2-based services and supporting infrastructure - Partner with platform teams to secure: o Deployment pipelines o Runtime environments o Secrets and configuration management (SSM, SCPs) 6. Automate Security at Scale - Build tools and automation using Python, C#, and Bash. - Develop infrastructure-as-code security patterns using: o Terraform, CDK, and CloudFormation o Ansible - Integrate security into artifact management (JFrog) and developer workflows. 7. Act as a Technical Leader - Partner with studios to align security efforts with game roadmaps and business priorities. - Provide expert guidance on client-side threats, reverse engineering, and exploitation. - Influence engineering teams to adopt scalable, low-friction security solutions. - Raise the bar for pragmatic, engineering-driven security practices. What We're Looking For Core Experience - 8–12+ years of experience in Security Engineering, Software Engineering, or Product Security. - Strong background in Game Security, Application Security, or Platform Security. - Hands-on experience with Unity and backend systems. Technical Skills - Strong programming skills in C#, Python, and/or Bash. - Experience securing applications built with: o ASP.NET Core o React or Angular - Deep understanding of: o Secure client-server communication o Asset protection and obfuscation techniques o Reverse-engineering and tampering risks Cloud & DevSecOps - Strong hands-on experience with AWS (IAM, EC2, ECS, EKS, ECR, SCP, SSM). - Experience with: o CI/CD (Bamboo, GitHub Actions) o Terraform, CDK, CloudFormation o Ansible o JFrog - Proficiency with Git-based workflows. Security Expertise - Strong understanding of Application Security, OWASP, Secure SDLC, pipeline integration, cryptography, and key management. - Proven experience identifying and mitigating: o Client-side vulnerabilities o Asset leakage and exploitation o Third-party supply chain risks Desired Aptitudes - Builder mindset - Systems thinker - Pragmatic and product-oriented - High ownership - Strong communication and stakeholder management skills Bonus Skills - Mobile or live-service gaming experience - Offensive security or reverse engineering background - Anti-tampering or anti-cheat experience - CDN security and content distribution knowledge - Security certifications such as CISSP, OSCP, or equivalent
$1,000.00
Fixed-price- IntermediateExperience Level
- Remote Job
- Ongoing projectProject Type
Skills and Expertise
Activity on this job
- Proposals:5 to 10
- Interviewing:0
- Invites sent:0
- Unanswered invites:0
About the client
- PHLBocaue2:46 PM
- $2.2K total spent4 hires, 1 active
Explore similar jobs on Upwork
How it works
Create your free profileHighlight your skills and experience, show your portfolio, and set your ideal pay rate.
Work the way you wantApply for jobs, create easy-to-by projects, or access exclusive opportunities that come to you.
Get paid securelyFrom contract to payment, we help you work safely and get paid securely.
About Upwork
- 4.9/5(Average rating of clients by professionals)
- G2 2021#1 freelance platform
- 49,000+Signed contract every week
- $2.3BFreelancers earned on Upwork in 2020
Find the best freelance jobs
Growing your career is as easy as creating a free profile and finding work like this that fits your skills.
Trusted by