Application Security Engineer

About Allwyn Lottery Solutions

Allwyn Lottery Solutions is a global leader in digital lottery and gaming solutions, part of the Allwyn Entertainment Group. They specialize in developing innovative, scalable, and secure lottery platforms, including their flagship Genesis platform. Their mission is to enhance player experiences and maximize returns for good causes through cutting-edge technology, cloud-based solutions, AI-driven analytics, and responsible gaming.

The Role: Application Security Engineer

As an Application Security Engineer, you will play a crucial role within the Information Security team, responsible for creating and executing cybersecurity solutions to protect the organization's digital information. This role involves a blend of proactive security measures, vulnerability management, and collaboration with development teams to embed security throughout the software development lifecycle.

What You'll Do (Everyday Responsibilities)

• Vulnerability Management: Triage vulnerabilities and review security reports from tools and penetration tests; lead triaging sessions to determine impact and risk, and oversee remediation.
• Security Consultation: Act as a Subject Matter Expert (SME) to development teams, advising on building security into platforms and projects.
• Secure SDLC Integration: Collaborate with development teams to implement secure coding practices and prioritize addressing application security vulnerabilities.
• Code Reviews: Conduct security reviews of code to enhance application security.
• Automation & Tooling: Contribute to the implementation and automation of new application security products and continuously improve security automation and orchestration capabilities.
• AI Integration: Leverage AI-assisted tools for secure code development, faster vulnerability triaging, and more effective vulnerability identification.
• Documentation: Create, update, and maintain security documentation, tools, and integrations.
• Security Awareness: Act as an evangelist for security awareness and stay current with development methodologies.
• Inventory Management: Maintain an accurate inventory of all applications, pipelines, integrations, and other application security assets.

Key Qualifications for Success

• Education: Computer Science Degree (BSc or higher) or equivalent.
• Experience: 2+ years in enterprise software development/engineering, with 2+ years in an application security-focused role.
• Technical Skills:
• In-depth knowledge of web application security and secure coding practices.
• Basic knowledge of network security, cloud security, and cryptography.
• Experience with at least one JVM language (e.g., Java) and another programming language (e.g., JavaScript, NodeJS, Python) and frameworks (e.g., Spring, J2EE).
• Experience in mobile application development or security.
• Understanding of web, mobile, and cloud applications/architectures, databases, and containerization.
• Experience with DAST, SAST, and SCA security scanning tools (configuration/automation).
• Experience reviewing security reports from scanning tools.
• Proven experience leveraging AI to enhance application security activities.
• Strong understanding of supply chain security and secure software delivery.
• Knowledge of application security frameworks (e.g., OWASP ASVS).
• Knowledge of Unix-based OS and scripting (e.g., Bash, Shell).
• Soft Skills: Excellent English communication (written/verbal), ability to lead online meetings, strong organization and prioritization, adaptability, eagerness to learn, collaborative spirit, positive attitude, and mentoring capabilities.

Highly Advantageous Skills

• Experience with Checkmarx products or GitHub automation.
• Experience leading triaging calls and processes.
• Good experience with DAST or API scanning tooling and automation.
• Threat modeling skills.
• Knowledge of AWS.
• Familiarity with Jira, Confluence, and Assets.

Benefits

• Supportive and expert team environment focused on talent and growth.
• Diverse environment with numerous opportunities and challenges.
• Comprehensive onboarding program.
• Attractive salary and bonus plan.
• Health and life insurance.
• Well-being and monthly lunch allowances.
• 360° feedback framework for development.
• Unlimited training options and tools.
• Extensive leave plan.
• Employee Assistance Program.
• Stable and enjoyable working environment.
• Flexible working arrangements (fully remote/hybrid).
• Modern workspace and equipment (Apple devices).

Diversity & Inclusion

Allwyn is an Equal Opportunity Employer committed to diversity and inclusion, prohibiting discrimination and harassment. Employment decisions are based on business needs, job requirements, and individual qualifications. Applications are encouraged from all individuals regardless of background.