Application Security Architect

Abouts us:

ARRISE sets the benchmark for service delivery and excellence in the iGaming industry. Playing a key role in the success of its clients, which include Pragmatic Play, a brand relied upon by the world’s biggest online casinos for its cutting-edge products, ARRISE helps to deliver exceptional gaming experiences to millions of players worldwide.
 
Our global team of over 6,000 talented and driven professionals are shaping the future of iGaming. Headquartered in Gibraltar, we have offices spanning Canada, India, the Isle of Man, Latvia, Malta, Romania, Serbia, Bulgaria, and the UAE, and more exciting destinations on the horizon.
 
At ARRISE, we take pride in creating growth opportunities at all levels, constantly investing in our people while welcoming new colleagues and forging strategic partnerships that open new opportunities for success.
 
To achieve this, we bet on ourselves. We know that success is a collective effort, and our team is driven by ambition, collaboration, and a shared commitment to grow and succeed—while embracing every step of the journey.
 
Be part of the future of iGaming with 6,000 ARRISERS! See a job that excites you? Apply now, and our friendly recruitment team will connect with you soon. Your journey starts here!

About The Role: 

Application Security Architect, you will work closely with development teams to integrate security best practices into the software development lifecycle (SDLC). You will lead the design, implementation, and review of secure software architectures, identify and mitigate risks, and ensure that applications meet high-security standards. You will also stay ahead of emerging security threats and vulnerabilities and provide thought leadership to drive a security-first mindset across the organization.

Key Responsibilities:

• Application Security Strategy: Develop and implement an overall application security strategy that aligns with business objectives, risk profiles, and regulatory requirements.
• Secure Software Development Lifecycle (SDLC): Partner with development teams to integrate security throughout the SDLC, including the creation of secure coding practices, threat modeling, and secure design principles.
• Security Risk Management: Identify, evaluate, and mitigate security risks in software and applications. Lead threat modeling and vulnerability assessments to ensure systems are secure.
• Security Assessments & Testing: Conduct security assessments including code reviews, penetration testing, vulnerability assessments, and risk analysis to identify and resolve security weaknesses.
• Tooling and Automation: Recommend, implement, and manage security tools (e.g., SAST, DAST, SCA) and automation practices to detect vulnerabilities early in the development cycle.
• Cross-Functional Collaboration: Work closely with software developers, infrastructure teams, and product owners to ensure secure application development and delivery.
• Compliance and Standards: Ensure all applications comply with industry standards, regulations (e.g., GDPR, HIPAA, PCI-DSS), and best practices (e.g., OWASP Top 10).
• Incident Response: Participate in the detection, analysis, and resolution of security incidents related to application vulnerabilities.
• Security Awareness and Training: Develop and deliver security training to developers and other stakeholders on secure coding practices, application security, and emerging threats.
• Documentation: Maintain documentation of security policies, procedures, and controls relevant to application security experience.

Experience:

• 10+ years of experience in cybersecurity, with a focus on application security.
• Proven experience in secure software development, threat modelling, penetration testing, and security risk management.
• Strong experience with common application security tools
• Experience with cloud platforms (AWS, Azure, GCP) and securing cloud-based applications is a plus.
• In-depth knowledge of application security concepts, OWASP Top 10, and secure coding practices.
• Familiarity with common programming languages
• Strong understanding of web application architecture, APIs, and microservices.
• Hands-on experience with security testing tools and automation for application security.
• Experience with threat modelling techniques and risk assessment frameworks.

What We Offer:

• Driven by a persistence to craft immersive experiences and responsible thrills, our professional team consistently deliver best-in-class services with a dedication to create games that players love time and time again.
  
• Professional and personal development
• Opportunities to progress within a dynamic team.
• Close and collaborative colleagues
• Private healthcare for employee only, but can extend to family for a small deduction from wages. Government healthcare also provided for everyone that pays social security contributions (mandatory for all employees). Private healthcare valid from first day.
• Free Gym Membership for Ocean Village or Atlantic Suites
• Free Lunch delivered daily to office
• 23 days annual leave + Public Holidays (approx 12 days)