Application Security Engineer

General Summary

LAIKA is seeking an Application Security Engineer (AppSec) to join our Information Security team and play a vital role in protecting the creative and technical foundation of our studio. From the animation stages to the cloud, you’ll be designing and implementing robust security strategies that keep our content—and the technology that empowers it—safe, secure, and resilient.  

In this role, you’ll partner with software engineers, site reliability engineers (SREs), and technology leaders to conduct in-depth assessments, penetration tests, and vulnerability analyses across a wide range of environments. Your work will directly support the protection of LAIKA’s proprietary tools and workflows, ensuring our stories reach the world untarnished. 

Job Functions

Build & Strengthen Security: 

• Conduct security assessments and code audits to identify and mitigate vulnerabilities. 
• Perform penetration testing across web applications, plugins, SaaS platforms, IoT devices, and networks. 
• Analyze and test source code for security flaws and recommend mitigation strategies. 
•  Administer application security testing tools, including SAST, DAST, and IAST (static, dynamic, and interactive analysis). 
• Develop solutions to drive remediation of security issues through product security tests, bug bounty programs, and vulnerability disclosure programs. 

Collaborate Across Teams:

• Work alongside developers, technology leaders, and external partners to address security risks. 
• Collaborate with internal teams to design and implement security best practices across the development lifecycle. 
• Support security initiatives related to DevOps, SRE, and cloud security architectures. 
• Research, evaluate, and recommend new security tools and methodologies to improve testing capabilities. 
  

Advance Our Security Ecosystem:

• Apply API security best practices and work with public cloud platforms (AWS, Azure, GCP). 
• Utilize red teaming and vulnerability assessment tools (Metasploit, Kali, Nessus, Cobalt Strike, Acunetix). 
• Manage knowledge repositories and CI/CD pipelines using GitHub, GitLab, Jenkins, Perforce, Jira, and Confluence. 
• Stay ahead of emerging cybersecurity threats and continuously improve security testing methodologies. 
• Develop comprehensive security reports and presentations for technical and executive audiences. 

Qualifications

Experience & Background: 

• 5+ years of experience in cybersecurity OR 7+ years in software engineering with a focus on security. 
• Strong understanding of web application security, cloud security, and API security best practices. 
• Hands-on experience with application penetration testing (required). 
• Experience working in cross-functional teams, collaborating with engineers, SREs, and leadership. 
  

Technical Skills: 

• Proficiency in application development and scripting (Python preferred; Perl, Go, or Ruby a plus). 
• Familiarity with public cloud security architectures (AWS, Azure, GCP). 
• Expertise with security testing tools, including SAST, DAST, and vulnerability assessment platforms. 
• Experience with CI/CD security best practices and DevSecOps methodologies. 
  

Preferred Certifications: 

• OSCP, GPEN, or GWAPT certifications or equivalent experience. 

Physical Demands and Work Environment

The physical demands and work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. 

• Physical demands: While performing the duties of this job, the employee is required to walk; stand; sit; use hands to operate standard office equipment; reach with hands and arms; balance; stoop; talk or hear both in person and by telephone. The employee must lift and/or move up to 15 pounds. Vision abilities include close vision, distance vision, and the ability to adjust focus. 
• Work environment: While performing the duties of this job, the employee works under typical office conditions and is exposed to variable indoor temperatures. The noise level is usually quiet or moderate.