Betting Jobs are working with a very well-established iGaming brand who have offices across several locations worldwide. They are looking to add to their IT Operations team with this Senior Application Security Specialist position.
Location: Athens or Belgrade only
Provide application security services into the software development lifecycle including secure design, coding techniques and reviews, education & awareness, process and tools, security testing support and guidance
Perform web application security testing (Penetration tests)
Identify application security risks and requirements for new projects and system developments.
Sign-off on application security prior to implementation
Work with the architecture and development groups to review code for security vulnerabilities and embed/improve security threat modelling and secure coding in the development lifecycle
Provide technical advice to ensure that security standards are met
Develop security testing plans and integrate into the software development lifecycle
Perform/oversee security testing and manage remediation of identified vulnerabilities
Support the InfoSec team in the promotion of information security best practice and embedding information security within the development streams
Report on application security KPI’s to the Cyber Security Manager
At least 5 years of experience and In-depth knowledge of application security vulnerabilities, secured design, security testing techniques, and the OWASP framework
In depth understanding of secured web application and web services development in at least two of the following: PHP, .Net, JAVA
Understanding of various CMS platforms such as Drupal, Joomla and Wordpress
Experience of web application and agile development methodologies
Understanding of web servers and HTTP protocol running on Windows and Linux servers
Good to have at least one of the following certifications:
o SANS GIAC Penetration Tester (GPEN)\Certified Ethical Hacker by the International Council of E-Commerce Consultants (EC-Council.)
o GIAC Certified Web Application Defender
o GIAC Web Application Penetration Tester
Knowledge of technical security architectural principles and creating application threat models
Able to prioritize workload and drive work to set deadlines
Strong communication (verbal/written) and influencing skills, with an ability to manage internal and external relationships up to senior levels of management.
Ability to work alone and build relationships across the organization.