Full-Time Application Security Principal

This role closely collaborates with development teams to ensure applications meet security criteria, focusing on secure gaming platform design and application reviews, while enhancing security automation in the development lifecycle.

Primary Responsibilities:

• Provides technical leadership and guidance on application security best practices, methodologies, and technologies.
• Serves as a trusted advisor to development teams, architects, and stakeholders, offering security posture enhancements.
• Designs and reviews security architectures, implementing effective security controls and countermeasures.
• Conducts threat modeling exercises to identify potential security risks and vulnerabilities early in the development lifecycle.
• Conducts security assessments, code reviews, and penetration testing of applications to identify and mitigate vulnerabilities.
• Utilizes industry-standard tools and methodologies to assess application security and provide remediation recommendations.
• Develops and implements security tools, scripts, and automation workflows to streamline security testing, monitoring, and compliance.
• Leverages scripting languages and development frameworks to create custom security tools.
• Promotes security awareness among development teams through training and knowledge-sharing.
• Educates personnel on secure coding, threat mitigation, and compliance.
• Collaborates with development teams, Product, IT operations, project managers, and other stakeholders to integrate security into the software development lifecycle.
• Provides guidance to address security concerns throughout the application development process.
• Proactively identifies and optimizes security controls, processes, and technologies.
• Stays abreast of emerging threats, vulnerabilities, and security trends.
• Conducts research to evaluate new security technologies and methodologies.

Occasional Responsibilities:

• Travel to Development centers

Knowledge/Expertise/Qualifications:

• Requires outstanding technical foundations, development background, experience in application security assessments, and collaboration with development teams.
• Essential Software Development Background: 3+ years experience in similar Information Security role.
• Customer-oriented with ability to educate and influence technical audiences on application security matters.
• Fluent in relevant development languages (Java, C/C++, C#, Perl, PHP, Python, etc.).
• Experience in Security Test Management, Application Security Assessments, Security Assurance, Requirements Management.
• Knowledge of major frameworks and support libraries (SPRING, OSGI, ASP.NET, etc.).
• Understanding of Agile Development, Vulnerability management, Continuous Improvements, Penetration Testing, Security Evaluation & Functional Testing, Application Security Testing, and Application Security Testing Automation.
• Experience with Enterprise Software, Data Analysis, Applied Research, Legal & Regulatory Environment and Compliance (ISO27001, PCI-DSS, etc.).
• Relevant professional qualifications (GIAC, CISA, CISM, CISSP, CEH, etc.) considered, but not mandatory.
• Open source projects and online gaming security experience a plus.

What is the last date for applying to the job?

Which countries are accepted for this remote job?