Senior Application Security Engineer

The company sets the benchmark for service delivery and excellence in the iGaming industry. Playing a key role in the success of its clients, including Pragmatic Play, the company helps deliver exceptional gaming experiences to millions of players worldwide. With a global team of over 10,000 professionals, headquartered in Gibraltar, the company has offices in Canada, India, the Isle of Man, Latvia, Malta, Romania, Serbia, Bulgaria, and the UAE.

As a Senior Application Security Engineer, you will act as a technical authority, ensuring secure design, development, deployment, and integrity across both on-prem and SaaS environments. You will thrive in a fast-paced, collaborative environment, wearing multiple hats to meet the demands of the role.

Responsibilities:

• Define and mature secure Software Development Life Cycle (SDLC) and Application Security (AppSec) program frameworks.
• Embed secure coding practices into development and backend platform engineering.
• Lead threat modeling and high-risk security reviews for major releases.
• Implement application security testing tools (e.g., SCA, ASPM), container scanning, and secrets detection in CI/CD pipelines.
• Perform penetration testing and manage external penetration testing efforts.
• Manage application vulnerabilities from identification to remediation.
• Provide guidance for development teams.
• Design, maintain, and enforce organization-wide paved roads and guardrails.

Requirements:

• 5+ years in application security, secure architecture, or related functions.
• Demonstrated ability to influence senior engineering and product leadership.
• Proven implementation of CI/CD security automation and secure coding practices.
• Strong understanding of web, API, and microservice security.
• Experience with Java and Javascript.
• Experience in Penetration Testing.

Preferred:

• Knowledge of Kubernetes/container security.

Work Conditions:

• Hybrid work arrangement.
• Relocation support is not provided for this role.