Надсилай резюме
Підпишись на вакансії
Запитай в рекрутера

Security Engineer / Product Security

Проект: SaaS iGaming Platform
Львів DevOps Intermediate 13212

SaaS-рішення для світових онлайн-казино, відомих букмекерських компаній та авторитетних спортивних онлайн-видань, яке передбачає highload середовище для безперебійного розміщення гральних ставок в реальному часі, моделювання системи аналізу та звітування, а також конфігурабельні фронтенд та мобільні інтерфейси. Дізнатись більше про проект

Надіслати резюме

Project Overview:

EveryMatrix delivers a modular and API driven product suite including a market leading one-stop shop casino content aggregator and integration platform, a cross-product bonusing engine, a fully managed sportsbook and sport data services, a stand-alone payment processing platform, and a multi-brand affiliate/agent management system. 

You will be involved in a wide range of projects to create our security program, yet have a specific focus on application security, for both on-premise and SaaS services. You will act as the Subject Matter Expert and work closely with the various teams on security engineering topics.  

Responsibilities:

  • Design, implement and manage security controls and automation in a DevOps environment;
  • Identifying security flaws within running web-applications and services as part of infrastructure penetration testing and application security reviews;
  • Working directly with product teams to enforce security best practices and integrate automated security;
  • Control over the execution of application security analysis through the entire Software Development Life Cycle;
  • Working with the development and infrastructure teams to help identify and mitigate vulnerabilities;
  • Knowledge sharing and security training for internal QA and Development teams;
  • Participating in security incident response.

Requirements:

  • Solid hands-on expertise in DevOps role;
  • Strong understanding of security architecture, automation, integration, and deployment;
  • Strong teamwork and communication skills;
  • A passion for security, and the hacker mentality of doing whatever it takes to figure out and solve a problem;
  • High-level understanding of multi-security domain operations;
  • Knowledge of threat modeling and risk assessment techniques;
  • Strong understanding of the OWASP Top Ten security risks and how to mitigate them;
  • Good understanding of application security verifications approaches (SAST, IAST, DAST);
  • Knowledge of pipeline tools such as Jenkins, GitLab, SonarQube, Jira, Docker, Kubernetes;
  • Up-to-date knowledge of the latest security vulnerabilities (e.g. reported CVEs) against systems, web application frameworks, and libraries, including an understanding of their impact and exploitation techniques.

Nice to have:

  • Broad experience across several different technology domains (compute, storage, network, database, data center, cloud, desktop, mobile devices, identity & access management, etc.);
  • Experience with common vulnerability scanning and reporting tools (Nessus, Burp Suite, ZAP);
  • Hands-on experience working with ELK tools stack;
  • Having experience as a software developer (JavaScript, C#, C++, .NET or equivalent);
  • Familiarity with compliance frameworks (e.g., ISO/IEC 27001, PCI DSS GDPR, NIST 800-series).

Higher Education: Bachelor’s Degree.

Надіслати резюме
Тебе також можуть зацікавити

Enterprise / Solution Architect

Strong Middle DevOps Engineer

Senior DevOps

Надія Митник

Рекрутер