It Application Security Architect
Entain is one of the world's largest sports betting and gaming groups, operating both online and in the retail sector.
With offices across five continents and licences in more than 20 countries, we operate some of the most well-known and iconic brands in the industry with more than 250 years of combined history – names such as Ladbrokes, partypoker, bwin and Coral.
Purpose of Role: This role works closely with the development and operations teams to design, implement, rollout and support the operation of security controls at the application layer.
This role detects new security needs, evaluates the best controls to integrate in the application, develops and tests proof of concept, supports the engineering implementation and the rollout as required.
The role requires a passionate application security engineer with a hands-on development background, a person to create and develop security controls not just to use pre-existing tools.
Primary Responsibilities: Identify gaps in our application security controls, research and propose designs to resolve the gaps and support the implementation of the controls, for instance MFA, user behavior analysis, denial of service prevention, etc; Design and implement software that addresses the identified security gaps; Support the operation of application-level security controls, for instance web application firewalls, bot detection frameworks, etc; Develop tools to improve the security of our applications; Incorporate design solution in Development, DevOps and Architectural best practices; Design processes to improve secure development and testing, then coach and train developers and DevOps management on them; Design, test and improve security architecture of our Products; Execute projects to implement the group Application Security strategy; Support the investigation of incidents relating to gaming platform anomalies, weaknesses and game integrity compromises.
Occasional Responsibilities: Conduct application-level penetration testing and independent reviews of source code repositories; Travel to Group Cyber Security team.
Knowledge: The role requires a person with outstanding technical foundations and a development background that has experience in designing and implementing application security controls, able to have a peer relationship with engineers and architects.
Software engineering background, please share with us your publically available work; At least three years experience in a similar Information Security position; Design and development of security tools; Vulnerability research; Customer-oriented person, with the ability to educate and influence a technical audience on Application Security matters Fluent in relevant development languages (Java, C/C++, Perl, PHP, . NET…); Experience in the following areas: Security design reviews; Knowledge of major frameworks and support libraries (SPRING, OSGI, ASP. NET, etc.
); Web-Application Firewalls (WAF); Multi-factor authenticaton; Bot detection.
Desired Open source projects; Online Gaming security experience; Regulatory and industry standards work: ISO27001, PCI-DSS, etc; Experience in DevOps; Agile Development; Relevant professional qualifications will be considered, although not a requirement, e. g.
GIAC, CISA, CISM, CISSP, OSCP, CEH, etc.
#J-18808-Ljbffr
Diventa il primo a rispondere a un'offerta di lavoro!
-
Perché cercare un lavoro con PostiVacanti.it?
Ogni giorno nuove offerte di lavoro È possibile scegliere tra un'ampia gamma di lavori: il nostro obiettivo è quello di offrire la più ampia selezione possibile Ricevi nuove offerte via e-mail Essere i primi a rispondere alle nuove offerte di lavoro Tutte le offerte di lavoro in un unico posto (da datori di lavoro, agenzie e altri portali) Tutti i servizi per le persone in cerca di lavoro sono gratuiti Vi aiuteremo a trovare un nuovo lavoro