Application Security Engineer - Pokerstars, Hybrid&Remote

Application Security Engineer - Pokerstars, Hybrid&Remote

Application Security Engineer

We are looking for an  Application Security Engineer  to join our Application Security team in Romania. “ This is a great opportunity for an experienced security professional to design a vulnerability management from the initial solution design through to deployment and operation and consumption of our services by internal business units and stakeholders .” 

 
Are you our next star player? 
As an Application Security Engineer, you will join our Application Security team.  As part of this team, you will work with security engineers and collaborate with all stakeholders to ensure our application security practices are solid are aligned with Security by design best practices.  Focusing on specific areas, you will gain in-depth knowledge and provide security expertise. 

 
Why we need you 
Reporting to the Lead Application Security Engineer, you will: 

• Work with our development teams to improve their knowledge of application security and best practices to ensure that we what we build is secure and protects our players and systems at risk. 

• Working closely with our developers you will ensure implementation and continuous improvement of our application security framework to harden our online services and prevent cyber-attacks. 

 

Who we’re looking for: 
An experienced information security engineer capable of providing expertise on application security. 
Your experience: 

• Working exposure on cloud security services and controls including identity and access management. 

• Experience on application security capabilities and controls including (SAST, SCA, Threat Modelling). 

• Working experience performing security analysis of on-prem and cloud architectures including threat assessments of identified weaknesses. 

Your skills: 

• Moderate to extensive work experience in the field of information/software security 

• Knowledge and understanding of software weaknesses (CWE, OWASP) 

• Cryptography and networking protocols 

• Experience with static code analysis tools such as SonarQube 

• Experience with software composition analysis tools such as Snyk 

• Experience with the OWASP Top 10, OWASP Top 10 proactive controls, and secure web development methodologies 

• A solid grasp of web security and Window’s internals 

• Exposure to cloud security best practices, including exposure working with major cloud providers (AWS, Azure, GCP).  

• Familiar with the agile development, Github flow, modern software engineering practices and a Secure SDLC 

• Experience Threat Modelling applications 

• Excellent communication and interpersonal skills, with the ability to influence and lead cross-functional team 

• Attracted to learning new technologies 

• Knowledge of software supply chain security, including understanding the risks associated with open-source components 

 

Requirements: 

• Sound understanding of cybersecurity standards, methodologies, and frameworks. 

• Knowledge of Application Security 

• A keen interest in learning innovative technologies and a passion for information security. 

• Be able to work with multiple teams across the business with differing priorities. 

• Be able to drive initiatives & operate autonomously with support where needed, but limited supervision 

What can you expect: 

• 25 days of annual leave; 

• Sharesave scheme; 

• „Flexible Benefits” of your choice; 

• Private health insurance (includes dental insurance and health assessments); 

• Free parking; 

• Thousands of courses online through ‘Udemy'; 

• Working from home options. 

Ways of working: 
Flexible working is our way of working! We're a diverse workforce and therefore a 'one size fits all' approach isn't necessarily best. Whatever your personal needs may be, let's have a chat and see how we can accommodate them; 
We thank all applicants for their interest, however only the suitable candidates will be contacted for an interview. 
By submitting your application online, you agree that: your details will be used to progress your application for employment. If your application is successful, your details will be used to administer your personnel record. If your application is unsuccessful, we will retain your details for a period no longer than two years, in order to consider you for prospective roles within our company.