Application Security Specialist

Company Description
Sports betting, gaming and interactive entertainment is changing, and we're leading that change. By putting people first. By placing exciting, engaging and entertaining experiences at more fingertips than ever before. We're pulling into pole position by pushing boundaries further. With innovation. With technology. But most importantly, with people like you. Because when you join Entain, it's your game. So let's win together.

Job Description
Reporting to the Senior Application Security Manager, you will be part of Entain's global security team who work closely with the development teams to verify that our applications satisfy the defined security criteria, supporting the organisation on the secure design of our gaming platform and conducting reviews of the developed applications, while improving the automation of security in our development lifecycle.

Are you ready to launch a winning career?

What You Will Do

• Conduct comprehensive assessments of applications to identify potential security risks and vulnerabilities. Utilise industry-standard tools and methodologies to perform security testing, code reviews, and penetration testing.
• Design and implement robust security architectures for applications, considering factors such as authentication, authorisation, encryption, and data protection. Ensure compliance with relevant security standards and regulations.
• Manage and maintain security tools and technologies used for application security testing and monitoring. Configure, deploy, and optimise security tools such as static code analysis (SAST), dynamic application security testing (DAST), and web application firewalls (WAFs) to enhance the security posture of applications.
• Promote a culture of security awareness among development teams and stakeholders. Provide training sessions and resources to educate colleagues on secure coding practices, threat mitigation techniques, and compliance requirements.
• Enforce security policies, standards, and controls for applications in alignment with organisational goals and regulatory requirements. Conduct regular audits and assessments to ensure compliance and mitigate risks.
• Collaborate closely with development teams, Product, IT operations, project managers, and other stakeholders to integrate security into the software development lifecycle. Provide guidance and support to ensure security considerations are addressed throughout the application development process.
• Proactively identify opportunities for improvement and optimization of security controls, processes, and technologies.
• Respond promptly to security breaches, investigate root causes, and implement corrective actions to prevent future occurrences.

Qualifications
Who you are
The role requires a person with outstanding technical foundations and a development background that has experience in conducting application security assessments and is able to interact with development teams to resolve the identified issues.

Essential

• Software Development Background
• At least three years experience in a similar Information Security position
• Customer-oriented person, with the ability to educate and influence a technical audience on Application Security matters
• Fluent in relevant development languages (Java, C/C++, Perl, PHP, .NET, Python …)

• Experience in the following areas:

• Security Test Management

• Application Security Assessments
• Security Assurance
• Requirements Management
• Knowledge of major frameworks and support libraries (SPRING, OSGI, ASP.NET, etc.)
• Agile Development
• Vulnerability management
• Continues Improvements
• Penetration Testing
• Security Evaluation & Functional Testing
• Application Security Testing

Desired

• Open source projects
• Online Gaming security experience
• Regulatory and industry standards work: ISO27001, PCI-DSS, etc.
• Experience in Automation

Relevant professional qualifications will be considered, although not a requirement, e.g. GIAC, CISA, CISM, CISSP, CEH, etc.

Additional Information
At Entain, we do what's right. It's one of our core values and that's why we're taking the lead when it comes to creating a diverse, equitable and inclusive future - for our people, and the wider global sports betting and gaming sector. However you identify, our ambition is to ensure our people across the globe feel valued, respected and their individuality celebrated.

We comply with all applicable recruitment regulations and employment laws in the jurisdictions where we operate, ensuring ethical and compliant hiring practices globally.