Get to know The Pokémon Company International
The Pokémon Company International, a subsidiary of The Pokémon Company in Japan, manages the property outside of Asia and is responsible for brand management, licensing, marketing, the Pokémon Trading Card Game, the animated TV series, home entertainment, and the official Pokémon website. Pokémon was launched in Japan in 1996 and today is one of the most popular children's entertainment properties in the world.
Learn more online at Pokemon.com and on Facebook (facebook.com/pokemon), YouTube (youtube.com/pokemon), Twitter (twitter.com/pokemon), and Instagram (instagram.com/pokemon).
Get to know the role
Job Title: Application Security Engineer
Job Summary: The Application Security Engineer is responsible for the detection and prevention of security threats against The Pokémon Company International’s (TPCi’s) software assets, integrating security tools into daily operations, security architecture, full stack security design, and secure application architecture. This role will be key to and overseeing application security standards and requirements.
FLSA Classification (US Only): Exempt
People Manager: No
What you’ll do
- Assist in developing and updating application security standards, secure coding principles, and threat modeling processes.
- Drive continuous improvement of security testing and application security controls.
- Manage application security solutions, such as Web Application Firewalls (WAF), security scanners, and Runtime Application Self-Protection (RASP) solutions.
- Integrate application security testing and controls into different phases of teams’ development lifecycles.
- Manage enterprise application penetration testing engagements and TPCi’s bug bounty program.
- Provide application security expertise and consulting to partner teams in Tech and across the enterprise through threat modeling and code/design reviews.
- Alongside the Information Security team, responsible for responding to and remediating security events / incidents.
- Collaborate with the Information Security team to ensure successful completion of our roadmaps and initiatives.
- Partner closely on security operations tasks with cross-functional teammates in IT, DevOps, Engineering, and Test.
- Work leveraging an agile methodology by making iterative progress toward achieving individual, team, and organizational objectives.
What you’ll bring
- 3 to 5 years of experience in Information Security.
- 3 to 5 years of experience in related technology functions, such as infrastructure/cloud engineering or software development.
- Experience with application security products (WAFs, RASP, Botnet prevention, Security Scanning/Testing)
- Knowledge of threat modeling and secure development processes.
- Excellent analytical skills, organizational skills, ingenuity and ability to work as part of a team
- Knowledge or experience with threat modeling and secure development processes.
- Cloud technology experience with Microsoft or AWS information security
- Experience working with security vendors and developing requirements and recommendations based on evaluating products and analyzing functionality
- BS Degree in Computer Science or Computer Engineering and/or equivalent working experience.
- Information Security certifications (CISSP, SANS GIAC, CISA, etc.) a plus
- Offensive Security/Pen test certifications (OSCP, etc.) a plus
How you’ll be successful
- Passion for Pokémon: Develops an understanding of the Pokémon brand, the impact it has on our people, culture, business, fans, and communities, and applying that knowledge and passion to everything you do.
- Challenging the Expected: Approaches challenges with curiosity and creativity, embracing the possibility of failure as an opportunity to learn something new, develop innovative ideas, solve complex problems and identify unique opportunities.
- Integrity and Respect: Demonstrates integrity and respect by leading with empathy, listening to others, seeking out different perspectives, and taking personal responsibility for decisions, actions, and results.
- Dedicated to Quality: Takes ownership to maintain and promote high standards, looks for new ways to learn and improve, and embraces a growth mindset to seek and apply feedback from others in an effort to continuously improve.
- Building Relationships: Develops and strengthens relationships, adopting a “team first” mentality and working collaboratively to solve problems and meet shared goals.
- Delighting Customers: Listens and understands the interests and needs of our customers and stakeholders, making them feel heard and important, and embracing these learnings to continue delivering a unique Pokémon experience.
What to expect
- An employee first culture
- Company events that celebrate the spirit of Pokémon
- Competitive cash-based compensation programs
- 100% employer-paid healthcare premiums for you
- Generous paid family leave
- Employer-paid life insurance
- Employer-paid long and short-term income protection insurance
- Fitness reimbursement
- Commuter benefit
- LinkedIn learning
- Comprehensive relocation package
- Hybrid work environment
The above statements are intended to describe the general nature and level of work being performed by people assigned to this role. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required. Employees may be required to perform duties outside of their normal responsibilities from time to time, as needed. For roles in the United Kingdom, candidates will need the right to work. In some cases, and for some roles, the Company may be able to arrange a visa. For roles in Ireland, this role requires candidates to have the right to live and work in the Republic of Ireland. However, we welcome applications from all nationalities and may consider supporting an employment permit application, in appropriate and suitable cases.
Internal Job Code: TE.ICIO.P2
Internal Job Profile: Information Security Engineer (IC2)