Application Security Engineer - Pokerstars, Hybrid&Remote

We are looking for an Application Security Engineer to join our Application Security team in Romania.

Are you our next star player?
As an Application Security Engineer, you will join our Application Security team. As part of this team, you will work with security engineers and collaborate with all stakeholders to ensure our application security practices are solid are aligned with Security by design best practices. Focusing on specific areas, you will gain in-depth knowledge and provide security expertise.

Why we need you
Reporting to the Lead Application Security Engineer, you will:

• Work with our development teams to improve their knowledge of application security and best practices to ensure that we what we build is secure and protects our players and systems at risk.

• Working closely with our developers you will ensure implementation and continuous improvement of our application security framework to harden our online services and prevent cyber-attacks.

Who we’re looking for:
An experienced information security engineer capable of providing expertise on application security.
Your experience:

• Working exposure on cloud security services and controls including identity and access management.

• Experience on application security capabilities and controls including (SAST, SCA, Threat Modelling).

• Working experience performing security analysis of on-prem and cloud architectures including threat assessments of identified weaknesses.

Your skills:

• Moderate to extensive work experience in the field of information/software security

• Knowledge and understanding of software weaknesses (CWE, OWASP)

• Cryptography and networking protocols

• Experience with static code analysis tools such as SonarQube

• Experience with software composition analysis tools such as Snyk

• Experience with the OWASP Top 10, OWASP Top 10 proactive controls, and secure web development methodologies

• A solid grasp of web security and Window’s internals

• Exposure to cloud security best practices, including exposure working with major cloud providers (AWS, Azure, GCP).

• Familiar with the agile development, Github flow, modern software engineering practices and a Secure SDLC

• Experience Threat Modelling applications

• Excellent communication and interpersonal skills, with the ability to influence and lead cross-functional team

• Attracted to learning new technologies

• Knowledge of software supply chain security, including understanding the risks associated with open-source components

Requirements:

• Sound understanding of cybersecurity standards, methodologies, and frameworks.

• Knowledge of Application Security

• A keen interest in learning innovative technologies and a passion for information security.

• Be able to work with multiple teams across the business with differing priorities.

• Be able to drive initiatives & operate autonomously with support where needed, but limited supervision

What can you expect:

• 25 days of annual leave;

• Sharesave scheme;

• „Flexible Benefits” of your choice;

• Private health insurance (includes dental insurance and health assessments);

• Free parking;

• Thousands of courses online through ‘Udemy';

• Working from home options.