This role works closely with the development teams to verify that our applications satisfy the defined security criteria supporting the organization on the secure design of our gaming platform and conducting reviews of the developed applications while improving the automation of security in our development lifecycle.
Primary Responsibilities:
- Provide technical leadership and guidance on application security best practices methodologies and technologies. Serve as a trusted advisor to development teams architects and stakeholders offering insights and recommendations to enhance the security posture of applications.
- Design and review security architectures for applications ensuring the implementation of effective security controls and countermeasures. Conduct threat modelling exercises to identify potential security risks and vulnerabilities early in the development lifecycle.
- Conduct indepth security assessments code reviews and penetration testing of applications to identify and mitigate security vulnerabilities. Utilise industrystandard tools and methodologies to assess the security posture of applications and provide actionable recommendations for remediation
- Develop and implement security tools scripts and automation workflows to streamline security testing monitoring and compliance activities for applications. Leverage scripting languages and development frameworks to create custom tools tailored to specific security requirements.
- Promote a culture of security awareness among development teams and stakeholders through training sessions workshops and knowledgesharing initiatives. Educate personnel on secure coding practices threat mitigation techniques and compliance requirements.
- Collaborate closely with development teams Product IT operations project managers and other stakeholders to integrate security into the software development lifecycle. Provide guidance and support to ensure security considerations are addressed throughout the application development process.
- Proactively identify opportunities for improvement and optimization of security controls processes and technologies.
- Stay abreast of emerging threats vulnerabilities and security trends in the application security landscape. Conduct research and analysis to evaluate new security technologies techniques and methodologies for potential adoption and integration into security practices.
Occasional Responsibilities:
- Travel to Development centres
Qualifications :
Knowledge/Expertise/Qualifications:
The role requires a person with outstanding technical foundations and a development background that has experience in conducting application security assessments and is able to interact with development teams to resolve the identified issues.
Essential
- Software Development Background
- At least three years experience in a similar Information Security position
- Customeroriented person with the ability to educate and influence a technical audience on Application Security matters
- Fluent in relevant development languages (Java C/C C# Perl PHP Python )
- Experience in the following areas:
- Security Test Management
- Application Security Assessments
- Security Assurance
- Requirements Management
- Knowledge of major frameworks and support libraries (SPRING OSGI ASP.NET etc.)
- Agile Development
- Vulnerability management
- Continues Improvements
- Penetration Testing
- Security Evaluation & Functional Testing
- Application Security Testing
- Application Security Testing Automation
- Enterprise Software
- Data Analysis
- Applied Research
- Legal & Regulatory Environment and Compliance
Desired
- Open source projects
- Online Gaming security experience
- Regulatory and industry standards work: ISO27001 PCIDSS etc.
Relevant professional qualifications will be considered although not a requirement e.g. GIAC CISA CISM CISSP CEH etc.
Additional Information :
At Ivy we do whats right. Its one of our core values and thats why were taking the lead when it comes to creating a diverse equitable and inclusive future for our people and the wider global sports betting and gaming sector. However you identify across any protected characteristic our ambition is to ensure ourpeople across the globe feel valued respected and their individuality celebrated.
We comply with all applicable recruitment regulations and employment laws in the jurisdictions where we operate ensuring ethical and compliant hiring practices globally.
Remote Work :
Yes
Employment Type :
Fulltime