Application Security Engineer

Application Security Engineer

About us:

EveryMatrix is a leading B2B SaaS provider delivering iGaming software, content and services. We provide casino, sports betting, platform and payments, and affiliate management to 200 customers worldwide.

But that's not all! We're not just about numbers, we're about people. With a team of over 1000 passionate individuals spread across twelve countries in Europe, Asia, and the US, we're all united by our love for innovation and teamwork.

Join us on this exciting journey as we continue to redefine the iGaming landscape, one groundbreaking solution at a time.

We are looking for a passionate and dedicated Application Security Engineer to join our team in Bucharest!

About the job:

You will be involved in a wide range of projects to create our security program, yet have a specific focus on application security, for both on-premise and SaaS services. You will act as the Subject Matter Expert and work closely with the various teams on security engineering topics.

What you'll get to do:

• Performing security assessments of the Company software products
• Identifying security flaws within running web-applications and services as part of infrastructure penetration testing and application security reviews
• Analysing internal and third-party security reports
• Assisting developers in understanding and remediating vulnerabilities
• Conducting and managing regular vulnerability assessments in accordance with compliance requirements (PCI DSS, ISO/IEC 27001, etc.)
• Control over the execution of application security analysis through the entire Software Development Life Cycle
• Integrating security mechanisms through automation
• Being part of a Security Incident Response team
• Managing internal security training program

What You need to know:

• 3+ years of experience as an Application Security Engineer, Penetration Tester, or similar role
• A passion for security, and the hacker mentality of doing whatever it takes to figure out and solve a problem
• Strong understanding of the OWASP Top Ten security risks and how to mitigate them
• Ability to manually find and exploit vulnerabilities in web-applications and services
• Experience with Python and Bash or other languages of your choice for tasks automation
• Knowledge of web security attacks in API, WebSockets, browsers etc.
• Experience with common vulnerability scanning and reporting tools (Nessus, Burp Suite, ZAP)
• Good understanding of application security verifications approaches (SAST, IAST, DAST)
• Understanding of cloud environments (GPC, OpenStack)
• Familiarity with agile development, bug tracking, git and Gitlab CI/CD;
• Staying updated on industry trends, best practices, and emerging threats to proactively strengthen application security.

Here's what we offer:

· Start with 22 days of annual leave, with 2 additional days added each year, up to 32 days by your fifth year with us.

· Stay Healthy: 10 sick leave days per year, no doctor's note required.

· Hybrid work schedule: 60% work from the office and 40% work from home per quarter (during your first 3 months, you'll be in the office full-time)

· Support for New Parents:

- 21 weeks of paid maternity leave, with the flexibility to work from home full-time until your child turns 1 year old.

- 4 weeks of paternity leave, plus the flexibility to work from home full-time until your child is 13 weeks old.

Our office perks include parking, on-site massages, and frequent team-building activities in various locations. And did we mention our amazing office space complete with its own pool and gym?

Benefits & Perks:

· Daily catered lunch or monthly lunch allowance.

· Private Medical Subscription.

· Access online learning platforms like Udemy for Business and LinkedIn Learning, and a budget for external training.

At EveryMatrix, we're committed to creating a supportive and inclusive workplace where you can thrive both personally and professionally. Come join us and experience the difference!

EveryMatrix is a member of the World Lottery Association (WLA) and European Lotteries Association. In September 2023 it became the first iGaming supplier to receive WLA Safer Gambling Certification. EveryMatrix is proud of its commitment to safer gambling and player protection whilst producing market leading gaming solutions.