Application Security Architect

ABOUT US
Arrise Solutions India Pvt. Ltd. (powering PragmaticPlay) is a leading content provider to the iGaming and Betting Industry, offering a multi-product portfolio that is innovative, regulated and mobile-focused. Pragmatic Play strives to create the most engaging and evocative experience for customers globally across a range of products, including slots, live casino, sports betting, virtual sports and bingo.
Driven by a persistence to craft immersive experiences and responsible thrills, our professional team consistently deliver best-in-class services with a dedication to create games that players love time and time again.
KEY RESPONSIBILITIES:

• Application Security Strategy: Develop and implement an overall application security strategy that aligns with business objectives, risk profiles, and regulatory requirements.
• Secure Software Development Lifecycle (SDLC): Partner with development teams to integrate security throughout the SDLC, including the creation of secure coding practices, threat modeling, and secure design principles.
• Security Risk Management: Identify, evaluate, and mitigate security risks in software and applications. Lead threat modeling and vulnerability assessments to ensure systems are secure.
• Security Assessments & Testing: Conduct security assessments including code reviews, penetration testing, vulnerability assessments, and risk analysis to identify and resolve security weaknesses.
• Tooling and Automation: Recommend, implement, and manage security tools (e.g., SAST, DAST, SCA) and automation practices to detect vulnerabilities early in the development cycle.
• Cross-Functional Collaboration: Work closely with software developers, infrastructure teams, and product owners to ensure secure application development and delivery.
• Compliance and Standards: Ensure all applications comply with industry standards, regulations (e.g., GDPR, HIPAA, PCI-DSS), and best practices (e.g., OWASP Top 10).
• Incident Response: Participate in the detection, analysis, and resolution of security incidents related to application vulnerabilities.
• Security Awareness and Training: Develop and deliver security training to developers and other stakeholders on secure coding practices, application security, and emerging threats.
• Documentation: Maintain documentation of security policies, procedures, and controls relevant to application security.

EXPERIENCE:

• 10+ years of experience in cybersecurity, with a focus on application security.
• Proven experience in secure software development, threat modelling, penetration testing, and security risk management.
• Strong experience with common application security tools
• Experience with cloud platforms (AWS, Azure, GCP) and securing cloud-based applications is a plus.
• In-depth knowledge of application security concepts, OWASP Top 10, and secure coding practices.
• Familiarity with common programming languages
• Strong understanding of web application architecture, APIs, and microservices.
• Hands-on experience with security testing tools and automation for application security.
• Experience with threat modelling techniques and risk assessment frameworks.

WHAT WE OFFER
Driven by a persistence to craft immersive experiences and responsible thrills, our professional team consistently deliver best-in-class services with a dedication to create games that players love time and time again.

• Professional and personal development
• Opportunities to progress within a dynamic team.
• Close and collaborative colleagues