PlayStation isn’t just the Best Place to Play — it’s also the Best Place to Work. Today, we’re recognized as a global leader in entertainment producing The PlayStation family of products and services including PlayStation®5, PlayStation®4, PlayStation®VR, PlayStation®Plus, acclaimed PlayStation software titles from PlayStation Studios, and more.
PlayStation also strives to create an inclusive environment that empowers employees and embraces diversity. We welcome and encourage everyone who has a passion and curiosity for innovation, technology, and play to explore our open positions and join our growing global team.
The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Corporation.
Application Security Engineer
Remote in the United States
Do you want to help bring PlayStation technology to a worldwide audience? Are you passionate about securing infrastructure that constantly pushes the boundary of the gaming industry? Are you ready to work with innovative technology, forward-thinking engineers, and a passionate security team? If so, join us!
The position is a hands-on application security engineering role for someone who likes working in multi-disciplined teams and with other sharp engineers in a fast-paced and fun environment.
You will provide expert technical guidance and hands on validation of secure solutions during the design, development, and testing of systems supporting the PlayStation products and services.
Collaborate with engineers, consultants and leadership to address security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC).
Perform security architecture and design reviews of all systems and applications developed at PlayStation.
Perform validation of security controls to insure consistency with compliance and industry standard methodologies.
Working together with engineers to mitigate security vulnerabilities identified by our security tools as well as external reported vulnerabilities thought our bug bounty program.
Perform hands on security testing of products and services to proactively discover risks and supervise them to resolution.
Understand, balance and communicate business risk with security risk.
Ability to understand business requirements and apply security without adversely affecting the desired functionality.
High level of personal integrity, with the ability to professionally handle confidential matters, and reflect appropriate level of judgment as it pertains to security.
Leading includes keeping better communication with other specialists and leadership in order to conduct other job duties in the above as a team.
3+ years previous experience in information security.
2+ years’ experience working within software development.
A bachelor’s degree in Computer Science/Information Security/Cyber Security or equivalent.
Excellent written and oral communication skills, as well as social skills including the ability to articulate to both technical and non-technical audiences.
Able to work both independently as well with development teams and multi-task effectively.
Firm understanding of enterprise class application architectures that are highly scalable and reliable and the expertise to secure them.
Experience of security architecture and design reviews.
Experience with multiple languages such as Java, Go, Python and Perl etc. and understand how to detect and remedy related security issues such as OWASP top 10.
Excellent analytical, evaluative, and problem-solving abilities.
Experience with securing host, database, and application solutions for multi-tier systems.
Experience with Penetration Testing.
Knowledge of automated attack tools and developing mitigation techniques.
Hacker Mindset and always strives to think like an attacker.
Experience with AWS and Akamai technologies.
Technical certifications within information security are a plus (CISSP, CCSP, GIAC or equivalents).