Application Security Engineer
Bellevue, Washington, United States
The Pokémon Company International
Get to know The Pokémon Company International
The Pokémon Company International, a subsidiary of The Pokémon Company in Japan, manages the property outside of Asia and is responsible for brand management, licensing, marketing, the Pokémon Trading Card Game, the animated TV series, home entertainment, and the official Pokémon website. Pokémon was launched in Japan in 1996 and today is one of the most popular children's entertainment properties in the world.
Learn more online at Pokemon.com and on Facebook (facebook.com/pokemon), YouTube (youtube.com/pokemon), Twitter (twitter.com/pokemon), and Instagram (instagram.com/pokemon).
Get to know the role
Job Title: Application Security Engineer
Job Summary: The Application Security Engineer is responsible for the detection and prevention of security threats against The Pokémon Company International’s (TPCi’s) software assets, integrating security tools into daily operations, security architecture, full stack security design, and secure application architecture. This role will be key to and overseeing application security standards and requirements.
FLSA Classification (US Only): Exempt
People Manager: No
What you’ll do
- Assist in developing and updating application security standards, secure coding principles, and threat modeling processes.
- Drive continuous improvement of security testing and application security controls.
- Manage application security solutions, such as Web Application Firewalls (WAF), security scanners, and Runtime Application Self-Protection (RASP) solutions.
- Integrate application security testing and controls into different phases of teams’ development lifecycles.
- Manage enterprise application penetration testing engagements and TPCi’s bug bounty program.
- Provide application security expertise and consulting to partner teams in Tech and across the enterprise through threat modeling and code/design reviews.
- Alongside the Information Security team, responsible for responding to and remediating security events / incidents.
- Collaborate with the Information Security team to ensure successful completion of our roadmaps and initiatives.
- Partner closely on security operations tasks with cross-functional teammates in IT, DevOps, Engineering, and Test.
- Work leveraging an agile methodology by making iterative progress toward achieving individual, team, and organizational objectives.
What you’ll bring
Required
- 3 to 5 years of experience in Information Security.
- 3 to 5 years of experience in related technology functions, such as infrastructure/cloud engineering or software development.
- Experience with application security products (WAFs, RASP, Botnet prevention, Security Scanning/Testing)
- Knowledge of threat modeling and secure development processes.
- Excellent analytical skills, organizational skills, ingenuity and ability to work as part of a team
Desired
- Knowledge or experience with threat modeling and secure development processes.
- Cloud technology experience with Microsoft or AWS information security
- Experience working with security vendors and developing requirements and recommendations based on evaluating products and analyzing functionality
- BS Degree in Computer Science or Computer Engineering and/or equivalent working experience.
- Information Security certifications (CISSP, SANS GIAC, CISA, etc.) a plus
- Offensive Security/Pen test certifications (OSCP, etc.) a plus
How you’ll be successful
- Passion for Pokémon: Develops an understanding of the Pokémon brand, the impact it has on our people, culture, business, fans, and communities, and applying that knowledge and passion to everything you do.
- Challenging the Expected: Approaches challenges with curiosity and creativity, embracing the possibility of failure as an opportunity to learn something new, develop innovative ideas, solve complex problems and identify unique opportunities.
- Integrity and Respect: Demonstrates integrity and respect by leading with empathy, listening to others, seeking out different perspectives, and taking personal responsibility for decisions, actions, and results.
- Dedicated to Quality: Takes ownership to maintain and promote high standards, looks for new ways to learn and improve, and embraces a growth mindset to seek and apply feedback from others in an effort to continuously improve.
- Building Relationships: Develops and strengthens relationships, adopting a “team first” mentality and working collaboratively to solve problems and meet shared goals.
- Delighting Customers: Listens and understands the interests and needs of our customers and stakeholders, making them feel heard and important, and embracing these learnings to continue delivering a unique Pokémon experience.
What to expect
- An employee first culture
- Company events that celebrate the spirit of Pokémon
- Competitive cash-based compensation programs
- 100% employer-paid healthcare premiums for you
- Generous paid family leave
- Employer-paid life insurance
- Employer-paid long and short-term income protection insurance
- Fitness reimbursement
- Commuter benefit
- LinkedIn learning
The above statements are intended to describe the general nature and level of work being performed by people assigned to this role. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required. Employees may be required to perform duties outside of their normal responsibilities from time to time, as needed. For roles in the United Kingdom, candidates will need the right to work. In some cases, and for some roles, the Company may be able to arrange a visa. For roles in Ireland, this role requires candidates to have the right to live and work in the Republic of Ireland. However, we welcome applications from all nationalities and may consider supporting an employment permit application, in appropriate and suitable cases.
Internal Job Code: TE.ICIO.P2
Internal Job Profile: Information Security Engineer (IC2)
#LI-PS #LI-Hybrid
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Application security AWS CISA CISSP Cloud Computer Science DevOps Firewalls Full stack GIAC Offensive security OSCP Pentesting SANS
Perks/benefits: Career development Competitive pay Fitness / gym Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Engineer jobs
- Open Senior Cyber Security Specialist jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs