Senior Security Engineer (Infrastructure & Product Security)

ChillBase studio is an independent and innovative player in the gaming industry. We’re fueled by our passion for crafting outstanding products.

We are looking for a Senior Security Engineer who will help strengthen the security of our infrastructure, internal services, and product environment.
This is a key engineering role with a broad technical scope: from cloud and platform security to API and product-level protection.
 

What you will be doing:

Infrastructure & Cloud Security

• Development and enhancement of security controls for cloud and infrastructure

• Management of network security: WAF, DDoS protection, firewall, mTLS

• Reduction of the attack surface at the infrastructure and service levels

Product & API Security

• Analysis and enhancement of API security and service interactions

• Conducting black-box testing and identifying vulnerabilities at the product level

• Participation in securing backend architecture and service communication

• Working with vulnerabilities and prioritizing them from a business risk perspective

Offensive Security & Testing

• Conducting and coordinating vulnerability assessments and pentests

• Working with bug bounty programs and responsible disclosure

• Identifying weak points through offensive security practices

• Testing system resilience against various types of attacks

What we want to see:

• Experience in roles such as Security Engineer / Infrastructure Security / Platform Security

• Strong hands-on experience in cloud / infrastructure security

• Practical experience with Kubernetes security

• Deep understanding of network security (WAF, DDoS, firewall, mTLS)

• Experience with Linux hardening and understanding of attack surface

• Experience with GCP and/or AWS IAM (least privilege, service accounts, audit logs)

• Automation skills (Python / Bash / Go or any other language)

• Experience with Terraform (infrastructure / security as code)

• Experience conducting vulnerability assessments / pentests

• Ability to view systems from an attacker’s perspective and translate this into engineering solutions

• Independence and maturity in making technical decisions

Additionally, it would be great to have:

• Experience in product / application security

• Experience with bug bounty programs

• Experience conducting black-box testing

• Experience in high-load product companies

• Understanding of abuse / anti-cheat / product security aspects in game development

• Experience working with corporate systems and access management (Google Workspace, etc.)