Senior Application Security Engineer

Confirmed live in the last 24 hours

Locations

San Francisco, CA, USA

Experience Level

Entry

Junior

Mid

Senior

Expert

Desired Skills

Agile

AWS

Development Operations (DevOps)

Java

Perl

Python

Communications

Requirements

5+ years previous experience in information security
2+ years' experience working within software development
A bachelor's degree in Computer Science/Information Security/Cyber Security or equivalent
Excellent written and oral communication skills, as well as social skills including the ability to articulate to both technical and non-technical audiences
Able to work both independently as well with development teams and multi-task effectively
Firm understanding of enterprise class application architectures that are highly scalable and reliable and the ability to secure them
Experience of security architecture and design reviews
Experience with multiple languages such as Java, Go, Python and Perl etc. and understand how to detect and remedy related security issues such as OWASP top 10
Experience with AWS and Akamai technologies
Experience with securing host, database, and application solutions for multi-tier systems

Responsibilities

Collaborate with engineers, consultants and leadership to address security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC)
Perform security architecture and design reviews of all systems and applications developed at PlayStation
Perform validation of security controls to insure consistency with compliance and industry standard methodologies
Perform hands on security testing of products and services to proactively discover risks and supervise them to resolution
Understand, balance and communicate business risk with security risk
Ability to understand business requirements and apply security without adversely affecting the desired functionality
High level of personal integrity, with the ability to professionally handle confidential matters, and reflect appropriate level of judgment as it pertains to security
Leading includes keeping better communication with other specialists and leadership in order to conduct other job duties in the above as a team

Desired Qualifications

Excellent analytical, evaluative, and problem-solving abilities
Experience with Penetration Testing
Knowledge of automated attack tools and developing mitigation techniques
Hacker Mindset and always strives to think like an attacker
Technical certifications within information security are a plus (CISSP, CCSP, GIAC or equivalents)
Experience with multiple development methodologies such as Agile, DevOps etc

Why PlayStation?

PlayStation isn’t just the Best Place to Play — it’s also the Best Place to Work. Today, we’re recognized as a global leader in entertainment producing The PlayStation family of products and services including PlayStation®5, PlayStation®4, PlayStation®VR, PlayStation®Plus, acclaimed PlayStation software titles from PlayStation Studios, and more.

PlayStation also strives to create an inclusive environment that empowers employees and embraces diversity. We welcome and encourage everyone who has a passion and curiosity for innovation, technology, and play to explore our open positions and join our growing global team.

The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Corporation.

Senior Application Security Engineer

Do you want to help bring PlayStation technology to a worldwide audience? Are you passionate about securing infrastructure that constantly pushes the boundary of the gaming industry? Are you ready to work with innovative technology, forward-thinking engineers, and a passionate security team? If so, join us!

The position is a hands-on application security engineering role for someone who likes working in multi-disciplined teams and with other sharp engineers in a fast-paced and fun environment.

You will provide expert technical guidance and hands on validation of secure solutions during the design, development, and testing of systems supporting the PlayStation products and services.

As a Sr. Application Security Engineer in the Product Security team it is also expected to be the domain specialist in one or several parts within the Secure Development Lifecycle program to mentor and empower other members in the team.

Key Responsibilities

Collaborate with engineers, consultants and leadership to address security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC).
Perform security architecture and design reviews of all systems and applications developed at PlayStation.
Perform validation of security controls to insure consistency with compliance and industry standard methodologies.
Perform hands on security testing of products and services to proactively discover risks and supervise them to resolution.
Understand, balance and communicate business risk with security risk.
Ability to understand business requirements and apply security without adversely affecting the desired functionality.
High level of personal integrity, with the ability to professionally handle confidential matters, and reflect appropriate level of judgment as it pertains to security.
Leading includes keeping better communication with other specialists and leadership in order to conduct other job duties in the above as a team.

Qualifications

5+ years previous experience in information security.
2+ years’ experience working within software development.
A bachelor’s degree in Computer Science/Information Security/Cyber Security or equivalent.
Excellent written and oral communication skills, as well as social skills including the ability to articulate to both technical and non-technical audiences.
Able to work both independently as well with development teams and multi-task effectively.
Firm understanding of enterprise class application architectures that are highly scalable and reliable and the ability to secure them.
Experience of security architecture and design reviews.
Experience with multiple languages such as Java, Go, Python and Perl etc. and understand how to detect and remedy related security issues such as OWASP top 10.
Experience with AWS and Akamai technologies.
Experience with securing host, database, and application solutions for multi-tier systems.

Desired Experience

Excellent analytical, evaluative, and problem-solving abilities.
Experience with Penetration Testing.
Knowledge of automated attack tools and developing mitigation techniques.
Hacker Mindset and always strives to think like an attacker.
Technical certifications within information security are a plus (CISSP, CCSP, GIAC or equivalents).
Experience with multiple development methodologies such as Agile, DevOps etc.

#LI-JM5

At SIE, we consider several factors when setting each role’s base pay range, including the competitive benchmarking data for the market and geographic location.

Please note that the base pay range may vary in line with our hybrid working policy and individual base pay will be determined based on job-related factors which may include knowledge, skills, experience, and location.

In addition, this role is eligible for SIE’s top-tier benefits package that includes medical, dental, vision, matching 401(k), paid time off, wellness program and coveted employee discounts for Sony products. This role also may be eligible for a bonus package. Click here to learn more.

The estimated base pay range for this role is listed below.

$145,700—$218,500 USD

Equal Opportunity Statement:

Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity, gender expression and gender reassignment), race (including colour, nationality, ethnic or national origin), religion or belief, marital or civil partnership status, disability, age, sexual orientation, pregnancy or maternity, trade union membership or membership in any other legally protected category.

We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond.

PlayStation is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment.

5,001-10,000 employees

Website

Online multiplayer gaming and digital media delivery service

Company Overview

Playstation's mission is to deliver new joy, excitement and awe to everyone. The company builds software and hardware for gaming consoles and content.

Benefits

Health and wellness: Medical (PPO, HDHP, and HMO), dental, vision, disability, employee assistance program, flexible spending accounts, health savings account, student loan repayment assistance, education reimbursement program, wellness reimbursement, identity theft protection, basic and voluntary life and AD&D insurance, business travel accident insurance, 4.5% 401(k) match, commuter program, additional voluntary programs (group legal, pet insurance, auto and home insruance), onsite flu shots and biometric screenings
Family and time off: 12 paid holidays, generous PTO, paid parental leave, adoption assistance program, 529 college savings plan match, back-up child care, parental and elder care coaching
Perks: Sony product discounts, passport perks program, monthly $10 Playstation Network voucher, employee referral bonus, game launch events

Company Core Values

Dreams & Curiosity: Pioneer the future with dreams and curiosity
Diversity: Pursue the creation of the very best by harnessing diversity and varying viewpoints
Integrity & Sincerity: Earn the trust for the Sony brand through ethical and responsible conduct
Sustainability: Fulfill our stakeholder responsibilities through disciplined business practices