Senior Application Security Engineer (Gamedev)

TL;DR

Senior Application Security Engineer (Gaming): Leading security initiatives across the SDLC and improving development practices through scalable automation with an accent on threat modeling, security architecture, and code reviews for distributed systems. Focus on partnering with developers and architects to align business goals with security needs, performing hands-on testing, and driving remediation with vulnerability and incident response teams.

Location: Remote (USA), with varying pay ranges based on geographic location (e.g., Seattle).

Salary: $177,300–$265,900 USD

Company

hirify.global is a global leader in entertainment, a wholly-owned subsidiary of Sony Group Corporation, producing the PlayStation family of products and services.

What you will do

• Lead security initiatives across the SDLC and enhance development practices via automation.
• Conduct threat modeling and define security requirements early in design phases.
• Collaborate with developers, architects, and product managers to align security with business goals.
• Lead security architecture and code reviews for distributed systems.
• Perform hands-on testing, identify risks, and drive remediation with vulnerability and incident response teams.
• Mentor engineers to promote secure-by-default thinking and shared accountability.

Requirements

• 7+ years in information security and 3+ years in software development.
• Bachelor’s degree in Computer Science, Information Security, or equivalent experience.
• Effective communication and leadership abilities.
• Deep understanding of enterprise, cloud-native architectures, and secure design.
• Expertise in network and web protocols (TCP/IP, TLS, HTTPS, OAuth 2.0, OpenID Connect) and common attack vectors.
• Proficiency in multiple programming languages (e.g., Java, C/C++, JavaScript, Python) and mitigating OWASP Top 10 vulnerabilities.
• Experience integrating SAST, DAST, and dependency scanning into CI/CD pipelines.
• Hands-on experience with cloud technologies (AWS, Azure, GCP, Kubernetes) and secure configuration/identity management.

Nice to have

• Strong analytical skills with an attacker perspective and ability to simulate real-world attacks.
• Experience in penetration testing, automated testing, or testing frameworks.
• Security certifications (GIAC, OSCP, CEH, CISSP, CCSP).

Culture & Benefits

• Work in an inclusive environment that empowers employees and embraces diversity.
• Flexible remote role with a hybrid working policy.
• Top-tier benefits package including medical, dental, vision, matching 401(k), paid time off, and wellness program.
• Employee discounts for Sony products.
• Opportunity for a bonus package.
• Dedicated to creating a secure-by-default culture.