Application Security Engineer in London

Get to know The Pokémon Company International. The Pokémon Company International manages the Pokémon property outside of Asia and is responsible for brand management, licensing and marketing, the Pokémon Trading Card Game, the animated TV series, home entertainment, and the official Pokémon website. Pokémon was launched in Japan in 1996 and today is one of the most popular children’s entertainment properties in the world.

Job Summary: Designs, implements, and operates security controls to prevent and detect attacks against company systems, applications, and data. Conducts penetration testing and vulnerability assessments across applications, operating systems, and networks. Responds to cybersecurity incidents by identifying, isolating, and removing unauthorized access. Researches emerging threats, performs root cause analysis, and supports the development of security solutions. Communicates business impact related to data loss, system disruption, or unauthorized access.

What you’ll do:

• Administer and enforce security policies governing system and application access.
• Perform application security testing and reviews to ensure secure configurations and compliance with standards.
• Conduct penetration tests and vulnerability assessments across applications, OS, and network layers.
• Lead threat modeling and security design reviews for new technologies and system changes.
• Respond to security incidents, isolating threats and removing unauthorized access.
• Research emerging cybersecurity threats and conduct root cause analysis on issues.
• Implement technical controls to reduce cloud-based risks, including drift, private-cloud gaps, and web-facing vulnerabilities.
• Collaborate with Information Security partners to advance roadmaps and shared initiatives.
• Integrate security testing and controls into development lifecycle phases.
• Provide management with insights on business impact related to data compromise or system unavailability.
• Work within an agile framework to deliver iterative improvements toward team and organizational goals.
• Respond and investigate cybersecurity incidents, which may be off-hours and on a scheduled rotation.

What you’ll bring:

• 5–7 years of relevant experience securing cloud environments, primarily AWS, or equivalent expertise.
• Bachelor’s degree in a related field or equivalent practical experience.
• Strong time management, organizational skills, and attention to detail.
• Solid background in application security engineering and architecture, including MWAF and software development.
• Demonstrated ability to build partnerships and collaborate with cross‑functional teams.
• Strong communication skills, with the ability to clearly present security risks to senior leadership.
• Experience managing security vendors and managed service providers.
• Proven background in incident management and response.
• Security certifications (CISSP, GIAC, CISA, etc.) are a plus.

How you’ll be successful:

• Passion for Pokémon: Develops an understanding of the Pokémon brand, the impact it has on our people, culture, business, fans, and communities, and applying that knowledge and passion to everything you do.
• Challenging the Expected: Approaches challenges with curiosity and creativity, embracing the possibility of failure as an opportunity to learn something new, develop innovative ideas, solve complex problems and identify unique opportunities.
• Integrity and Respect: Demonstrates integrity and respect by leading with empathy, listening to others, seeking out different perspectives, and taking personal responsibility for decisions, actions, and results.
• Dedicated to Quality: Takes ownership to maintain and promote high standards, looks for new ways to learn and improve, and embraces a growth mindset to seek and apply feedback from others in an effort to continuously improve.
• Building Relationships: Develops and strengthens relationships, adopting a “team first” mentality and working collaboratively to solve problems and meet shared goals.
• Delighting Customers: Listens and understands the interests and needs of our customers and stakeholders, making them feel heard and important, and embracing these learnings to continue delivering a unique Pokémon experience.

What to expect:

• An innovative culture driven by impact, delivering meaningful outcomes.
• Company events that celebrate the spirit of Pokémon.
• Competitive cash-based compensation programs.
• 100% employer-paid healthcare premiums for you.
• Generous paid family leave.
• Employer-paid life insurance.
• Employer-paid long and short-term income protection insurance.
• US Employees: 401k Employer Matching.
• UK/IRE/MX Employees: Pension Employer Contributions.
• Fitness reimbursement.
• Commuter benefit.
• LinkedIn learning.
• Comprehensive relocation package for certain roles.
• Hybrid work environment.

The above statements are intended to describe the general nature and level of work being performed by people assigned to this role. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required. Employees may be required to perform duties outside of their normal responsibilities from time to time, as needed.