Job Specifications
Why PlayStation?
PlayStation isn’t just the Best Place to Play — it’s also the Best Place to Work. Today, we’re recognized as a global leader in entertainment producing The PlayStation family of products and services including PlayStation®5, PlayStation®4, PlayStation®VR, PlayStation®Plus, acclaimed PlayStation software titles from PlayStation Studios, and more.
PlayStation also strives to create an inclusive environment that empowers employees and embraces diversity. We welcome and encourage everyone who has a passion and curiosity for innovation, technology, and play to explore our open positions and join our growing global team.
The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Group Corporation.
Do you want to help bring PlayStation technology to a worldwide audience? Are you passionate about securing infrastructure that constantly pushes the boundary of the gaming industry? Are you ready to work with innovative technology, forward-thinking engineers, and a passionate security team? If so, join us!
About The Team
Information Security > Product Security > Proactive Defense
Information Security functions as a strategic enabler for SIE’s player‑first mentality, commitment to integrity, and drive for innovation while maintaining trust in the PlayStation ecosystem. Our organization, Product Security, embeds security into the entire product lifecycle—from architecture and design through development, testing, release, and maintenance. We focus on enabling innovation safely: supporting new features, devices, and services without sacrificing performance, usability, or creativity.
This role sits in the Proactive Defense team, whose areas of responsibility encompass offensive security engagements and manual verification efforts, including but not limited to penetration testing, responsible disclosure and vulnerability management for application vulnerabilities inside the PlayStation platform.
About The Role
As an Application Security Engineer, you will be responsible for identifying and mitigating security flaws found in applications. Through penetration testing, code review, vulnerability triaging and security assessments, you will work with engineering teams to ensure their applications meet security requirements, providing recommendations to address vulnerabilities.
Key Responsibilities
Penetration Testing: Lead security tests from scoping to report, working with developers to address findings. Proactively discover vulnerabilities and track them to resolution with developers. Validate security controls to ensure alignment with compliance and industry standard methodologies
Vulnerability Management: Track and analyze vulnerabilities in applications, providing guidance and support for remediation efforts. Determine and recommend remediation guidelines
Responsible Disclosure: Investigate and triage vulnerabilities reported from external sources, including Responsible Disclosure program
Collaboration with Development Teams: Collaborate with engineers, consultants and leadership to resolve security risks and provide mitigation recommendations
Qualifications
3+ years previous experience in Information Security
1+ years of penetration testing (or similar) experience OR 2+ years’ experience working within software development
Bachelor’s degree in Computer Science or Information Security, or equivalent work experience
Penetration testing or application security certifications are a plus, such as OSCP, GWAPT, CEH, among others
Good understanding of application security weaknesses for various technologies including web applications, databases, and multi-tier applications
Ability to review source code and explain mitigation controls within source code for various programming languages (Java, C, Go, JavaScript, etc.)
Experience with application security scanning tools such as SAST, SCA and DAST
Experience with web application testing tools like Burp Suite, OWASP ZAP, or Caido
Desired Skills & Attributes
Good written and oral communication skills
Creative and comfortable thinking outside the box
Hacker mentality; can think like an attacker
Great analytical, evaluative, and problem-solving skills
Curious, always aspiring to learn more, seeks understanding of cause and effect
Customer service approach towards internal customers
Please refer to our Candidate Privacy Notice for more information about how we process your personal information, and your data protection rights.
At SIE, we consider several factors when setting each role’s base pay range, including the competitive benchmarking data for the market and geographic location.
Please note that the base pay range may vary in line with our hybrid working policy and individual base pay will be determined based on job-related factors which may include knowledge, skills, experience, and location.
In addition, this role is eligible for SIE’s top-tier benefits package that includes medical, dental, vision, match
About the Company
Sony Interactive Entertainment, the company behind PlayStation, pushes the boundaries of entertainment and innovation, starting from the launch of the original PlayStation in Japan in 1994. Today, we continue to deliver innovative and thrilling experiences to a global audience through our PlayStation line of products and services that include generation-defining hardware, pioneering network services, and award-winning games. Headquartered in San Mateo, California, with global functions in California, London, and Tokyo, and g...
Know more