Job description
Are you someone who’s up for a challenge, who likes to test the effectiveness, efficiency and security of systems, processes and procedures? Do you want your next opportunity to be part of a highly ambitious Infosec team, who are super passionate about all things cyber security, and to top it off become part of one of the leading online gaming companies in Europe?
You will take on a key role within the team, taking responsibility for building out our secure product development programme across tombola to ensure we continue to produce safe, secure and class-leading products for our players.
You will work closely with our technology teams to streamline and automate security testing capabilities and threat modelling, and to contribute to making the right design decisions.
Ideally, we’re looking for...
- Knowledge and understanding of application security testing methodologies.
- Awareness of industry standards and regulations, e.g. ISO27001/2, PCI-DSS, ISF, NIST.
- Previous work experience within a security testing, application / product security or development focused job role.
- Familiarity with agile development processes, and awareness of the benefits of integrating secure development practices.
- Experience of analysing security requirements and applying architectural best practices and patterns to solutions.
- Experience of working with cloud technology platforms (AWS desirable), as well as familiarity with a variety of technology and testing tools, including GitHub, Burp Suite, Kali Linux, NMAP, Metasploit etc.
Your responsibilities will be…
- Assist with the design and delivery of the secure-by-design product security framework within the tech group.
- Help with the integration and management of security tools, standards, and processes into the product/software development lifecycle.
- Development of metrics and reporting on the state of application security initiatives, and the performance of development teams against the secure-by-design programme.
- Assist with defining developer secure coding practices and ensure that developers and QA/test teams are trained with the appropriate level of security knowledge to perform their daily activities.
- Improving and supporting application security tool deployments, including code analysis testing, utilising code scanning features within GitHub and container and runtime testing tools, and integrating these where applicable into the CI/CD pipeline.
- Utilise a combination of SAST, DAST and IAST tooling at defined stages of the SDLC to identify security vulnerabilities and plan remediations.
- Supporting the incident response and architecture review processes whenever product security expertise is needed.
- Assist with the planning and delivery of penetration testing services for both regulatory tech compliance and internal assurance purposes.
So apart from the chance of a lifetime to make a real impact, what else is in it for you? Take a look at our benefits page to learn more, but a quick snapshot would include:
- Free breakfast, free lunch, free barista coffee, free snacks.
- Free gym to work off the free lunches
- Quarterly bonuses
- Private healthcare
If you want to know a bit more about it before applying, then drop Gemma a note for an informal chat – [email protected]