Application Security Engineer - Remote Opportunity

About the Role

We are hiring an Application Security Engineer to join our team at The Pokémon Company International. This remote Application Security Engineer position offers a unique opportunity to design, implement, and operate security controls to protect our systems, applications, and data against cyber threats. You will play a crucial role in conducting penetration testing and vulnerability assessments, ensuring the security of our applications and infrastructure.

What You'll Do

• Administer and enforce security policies governing system and application access.
• Perform application security testing and reviews to ensure secure configurations and compliance with standards.
• Conduct penetration tests and vulnerability assessments across applications, operating systems, and network layers.
• Lead threat modeling and security design reviews for new technologies and system changes.
• Respond to security incidents, isolating threats and removing unauthorized access.
• Research emerging cybersecurity threats and conduct root cause analysis on issues.
• Implement technical controls to reduce cloud-based risks, including drift, private-cloud gaps, and web-facing vulnerabilities.
• Collaborate with Information Security partners to advance roadmaps and shared initiatives.
• Integrate security testing and controls into development lifecycle phases.
• Provide management with insights on business impact related to data compromise or system unavailability.
• Work within an agile framework to deliver iterative improvements toward team and organizational goals.
• Respond and investigate cybersecurity incidents, which may be off-hours and on a scheduled rotation.

Requirements

• 5–7 years of relevant experience securing cloud environments, primarily AWS, or equivalent expertise.
• Bachelor’s degree in a related field or equivalent practical experience.
• Strong time management, organizational skills, and attention to detail.
• Solid background in application security engineering and architecture, including MWAF and software development.
• Demonstrated ability to build partnerships and collaborate with cross-functional teams.
• Strong communication skills, with the ability to clearly present security risks to senior leadership.
• Experience managing security vendors and managed service providers.
• Proven background in incident management and response.
• Security certifications (CISSP, GIAC, CISA, etc.) are a plus.

Nice to Have

• Experience with security frameworks and compliance standards.
• Knowledge of secure coding practices and application development methodologies.
• Familiarity with threat intelligence tools and practices.

What We Offer

• Competitive cash-based compensation programs.
• 100% employer-paid healthcare premiums for you.
• Generous paid family leave.
• Employer-paid life insurance.
• Employer-paid long and short-term income protection insurance.
• Pension Employer Contributions for UK/IRE/MX Employees.
• Fitness reimbursement and commuter benefits.
• LinkedIn learning access.
• Comprehensive relocation package for certain roles.
• Hybrid work environment.