Application Security Engineer

We are looking for an Application Security Engineer with strong knowledge of iGaming products to help secure our sportsbook, casinos, player account management (PAM), and mobile platforms.

This role combines product understanding with cybersecurity expertise. You will work closely with Product, Engineering, Compliance, and Operations teams to identify security risks across gaming products and ensure security is embedded throughout the entire product lifecycle.

The ideal candidate understands how iGaming platforms operate end-to-end, from registration, wallet integrations, and bonus systems to sportsbook solutions, casino integrations, and mobile apps., * Ensure that software development and deployment processes comply with relevant security policies, standards, and regulations, thereby protecting the organisation from legal and regulatory issues.

• Drive 'Security by Design' across Sportsbook, Casino, PAM, and mobile platforms by serving as the lead security stakeholder in architectural reviews, effectively balancing product innovation with rigorous risk management.
• Identify vulnerabilities and abuse scenarios affecting the products such as authentication systems, wallets and payments, bonuses and promotions and mobile applications and APIs.
• Perform threat modeling and security reviews during product design and release cycles.
• Collaborate with Risk, Engineering and Compliance teams on remediation efforts.
• Review and investigate vulnerabilities discovered through penetration testing, automated scans, or incident investigations.
• Help secure APIs and third-party integrations.
• Support secure development practices within Agile product teams.
• Contribute to incident response activities and root cause analysis for security events.
• Maintain security standards and documentation aligned with regulatory and compliance requirements.

Do you have experience in Web Application Security Testing?, * 4+ years of hands-on experience within the iGaming industry, specifically focusing on Sportsbook, Online Casino, or Player Account Management (PAM) platforms.

• Strong understanding of the gaming ecosystem, including sportsbook and casino products, PAM (Player Account Management) systems, wallet and payment flows, mobile app infrastructure, and the end-to-end player lifecycle.
• Good understanding of application security principles and common attack vectors.
• Familiarity with OWASP Top 10, API security, Secure SDLC practices.
• Ability to identify both technical vulnerabilities and product abuse scenarios.
• Experience working with cross-functional product and engineering teams.
• Familiarity with security testing tools such as Burp Suite, Tenable or mobile testing frameworks will be considered a plus.
• Strong analytical and problem-solving skills.
• Excellent communication and stakeholder management abilities.
• Knowledge of cloud infrastructure and DevSecOps practices.
• Experience with third-party gaming provider integrations.
• Familiarity with gaming regulations and compliance standards.
• Familiarity with leveraging AI tools (e.g., ChatGPT, Claude, Gemini) to streamline daily tasks, optimize workflows, and boost overall productivity., * Degree in Computer Science, Information Technology, or a related field.
• Understanding of gaming regulatory frameworks.
• Security certifications such as Security+, CEH, CISA, CRISC or CISSP.