Application Security Engineer

Overview:

SOFTSWISS continues to expand the team and is looking for an Application Security Engineer. We need a true, experienced, and accomplished professional who shares our culture and values.

Our goal is to make sure that we deploy secure software to production without unnecessary bottlenecks, that applications are properly hardened, and security vulnerabilities, once discovered, are fixed by the developers.

As an Application Security Engineer, you will play a crucial role in ensuring the security of our applications throughout the entire software development lifecycle (SDLC). You will partner closely with the product teams to identify, analyze, and mitigate security vulnerabilities, contributing to the creation of trustworthy and robust products.

Security Team:

SOFTSWISS Security Team takes care of iGaming services protection, data privacy, and business continuity to ensure that nothing distracts satisfied customers from using our products. We work closely with the IT team that develops and supports our services, and together we create genuinely excellent and secure iGaming products.

Key responsibilities:

• Plan, design, implement, automate and (if you wish) support AppSec tools.
• Contribute to building a company-wide processes for secure code development and deployment.
• Assess products and new features through risk assessment, threat modelling and manual security testing with white box approach.
• Triage identified security vulnerabilities, provide clear and actionable descriptions and ensure these findings are properly addressed and mitigated.
• Manage the bug bounty program, collaborate with researches and internal teams to resolve the discovered vulnerabilities.
• Partner with Dev/QA teams throughout a development lifecycle to enhance the security posture of the application by providing expert consulting, knowledge sharing and clear security requirements.

Requirements:

• 2+ years of experience in the information security field, with at least 1 year of experience in application security.
• Knowledge of secure development processes and best practices.
• General web application security knowledge (i.e., how the web actually works? What is SOP and why do we need CORS? What is CSP?).
• Practical knowledge of common web application vulnerabilities (i.e., OWASP Top 10), and how to detect and prevent them.
• Knowledge of secure system/application architecture and design principles.
• Understanding of modern threats to high-performance web applications that is used by millions of users daily.
• Practical, hands-on experience in security assessments (penetration testing and code review).
• University degree in Computer Science, Information Security, or related field, or equivalent combination of education and experience.
• Intermediate or higher English level.

Nice to have:

• Passion about programming.
• Technical knowledge of network and operating systems security.
• Hands-on DevSecOps experience.
• Practice of participation in bug bounty programs and/or CTFs.
• Deep knowledge of SAST/DAST tools, including customisation.
• Relevant certifications (i.e., OSWE, GWEB, etc.).

What we offer:

• Full-time remote work opportunities and flexible working hours
• Comprehensive Mental Health Programme
• Private insurance
• Sports program compensation
• Free online English lessons
• An additional 1 Day off per calendar year
• Generous referral program
• Training, internal workshops, and participation in international professional conferences and corporate events

About us:

SOFTSWISS is an international company, and an iGaming software expert. We don’t only follow iGaming market trends, we create them! SOFTSWISS is a recognised industry leader in iGaming software solutions development, covering almost all aspects of the iGaming industry. The company has an international team and an official presence in several countries. Projects powered by SOFTSWISS receive numerous awards and accolades from industry media.

Our mission:

Changing the iGaming industry through technological innovation.

SOFTSWISS in numbers:

• 2009 - foundation year
• 2000+ total employees worldwide
• 5 offices, countries: Poland, Georgia and Malta
• No1 provider in Crypto iGaming
• 7 proprietary products
• 800+ brands using our software
• 11B+ € bets processed per month
• 6M+ active players monthly