Senior Application Security Engineer at PlayStation Global

United States, RemoteFull-timeRemoteInformation SecurityPosted 14 days ago

About the Role

<div class="content-intro">Why Sony Interactive Entertainment? Sony Interactive Entertainment isn’t just the Best Place to Play — it’s also the Best Place to Work. Sony Interactive Entertainment (SIE) is the company behind the PlayStation brand. As a subsidiary of Sony Group Corporation, we’re part of a proud legacy of innovation and excellence. SIE is a dynamic technology company, delivering cutting-edge hardware and network services to more than 100 million people and an entertainment leader, home to some of the most beloved and recognizable intellectual properties (IP) in the world. Our role at SIE is to create and nurture the experiences under the PlayStation brand, a name synonymous with entertainment excellence and creativity.</div>Do you want to help bring PlayStation technology to a worldwide audience? Are you passionate about securing infrastructure that constantly pushes the boundary of the gaming industry? Are you ready to work with innovative technology, forward-thinking engineers, and a passionate security team? If so, join us! The role is a senior-level application security position combining strong technical expertise with leadership, initiative, and collaboration. You will provide strategic mentorship and hands-on support in designing, implementing, and testing secure solutions that strengthen PlayStation products and services. As a technical leader within Product Security, you’ll guide practices and influence multiple teams to embed security throughout the software development lifecycle. <h2>Key Responsibilities</h2> <ul> <li> Lead security initiatives across the SDLC and improve development practices through scalable automation. </li> <li> Conduct and guide threat modeling and security requirements early in design phases. </li> <li> Partner with developers, architects, and product managers to align business goals with security needs. </li> <li> Lead security architecture and code reviews for distributed systems. </li> <li> Perform hands-on testing to identify risks and drive remediation with vulnerability and incident response teams. </li> <li> Advance the Product Security strategy through multi-functional initiatives and cultural influence. </li> <li> Balance business and security risks through technically grounded, pragmatic recommendations. </li> <li> Translate lessons learned into reusable organizational assets that enhance overall security posture. </li> <li> Mentor engineers and practitioners, promoting secure-by-default thinking and shared accountability. </li> <li> Demonstrate proactive leadership, coordinating teams to deliver measurable security and business impact. </li> </ul>   <h2>Qualifications</h2> <ul> <li> 7+ years in information security and 3+ years in software development. </li> <li> Bachelor’s degree or equivalent in Computer Science, Information Security, or related field. </li> <li> Effective communication and leadership abilities; capable of influencing technical and non-technical collaborators including management. </li> <li> Dedicated and proactive, finding opportunities and leading initiatives independently. </li> <li> Deep understanding of enterprise and cloud-native architectures and their secure design. </li> <li> Expertise in network and web protocols (TCP/IP, TLS, HTTPS, OAuth 2.0, OpenID Connect) and common attack vectors. </li> <li> Proven expertise in guiding security development and code evaluations and providing actionable, risk-based recommendations. </li> <li> Skilled in multiple programming languages (e.g., Java, C/C++, JavaScript, Python) and mitigating vulnerabilities such as OWASP Top 10. </li> <li> Experience integrating SAST, DAST, and dependency scanning into CI/CD pipelines. </li> <li> Familiar with Agile, DevOps, and modern delivery practices. </li> <li> Hands-on experience with cloud technologies (AWS, Azure, GCP, Kubernetes, service mesh, CDN) including secure configuration and identity management. </li> </ul>   <h2>Desired Experience</h2> <ul> <li> Strong analytical and problem-solving skills with an attacker perspective — able to anticipate and simulate real-world attacks. </li> <li> Experience in penetration testing, automated testing, or testing frameworks (JUnit, pytest, REST Assured, Playwright). </li> <li> Security certifications preferred (GIAC, OSCP, CEH, CISSP, CCSP, or equivalent). </li> </ul>    <div class="content-pay-transparency"><div class="pay-input"><div class="description">Please refer to our <a href="https://www.playstation.com/en-us/legal/careers-privacy-notice/">Candidate Privacy Notice</a> for more information about how we process your personal information, and your data protection rights.   At SIE, we consider several factors when setting each role’s base pay range, including the competitive benchmarking data for the market and geographic location.  Please note that the base pay range may vary in line with our hybrid working policy and individual base pay will be determined based on job-related factors which may include knowledge, skills, experience, and location.  In addition, this role is eligible for SIE’s top-tier benefits package that includes medical, dental, vision, matching 401(k), paid time off, wellness program and coveted employee discounts for Sony products. This role also may be eligible for a bonus package. Click <a href="https://careers.playstation.com/benefits" target="_blank">here</a> to learn more.</div><div class="title">This is a flexible role that can be remote, with varying pay ranges based on geographic location. For example, if you are based out of Seattle, the estimated base pay range for this role is listed below.</div><div class="pay-range">$177,300—$265,900 USD</div></div></div><div class="content-conclusion">Please note, Sony Interactive Entertainment conducts background checks at the offer stage for all new employees (which may include criminal background checks for some roles) and will need to process personal information to support these checks. Please refer to our <a href="https://www.playstation.com/legal/careers-privacy-notice/" target="_blank">Candidate Privacy Notice</a> for more information about what personal information we collect, how we use it, who we share it with, and your data protection rights. Equal Opportunity Statement: Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity, gender expression and gender reassignment), race (including colour, nationality, ethnic or national origin), religion or belief, marital or civil partnership status, disability, age, sexual orientation, pregnancy, maternity or parental status, trade union membership or membership in any other legally protected category. We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond.  Sony Interactive Entertainment is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment.  </div>

About the Role

Related Roles