Location:
Sofia
Vacancy Type:
Permanent
Brand:
23 (GVC)
About The Role

We’re looking for an Application Security Engineer to join us in Sofia on a permanent basis. This role works closely with the development and operations teams to design, implement, rollout and support the operation of security controls at the application layer. This role detects new security needs, evaluates the best controls to integrate in the application, develops and tests proof of concept, supports the engineering implementation and the rollout as required.

The role requires a passionate application security engineer with a hands-on development background, a person to create and develop security controls not just to use pre-existing tools.

The role has a need to work closely with members of the Development and DevOps organisations to identify new application controls, implement proof of concept and support development, rollout and operation – people skills and conflict resolution soft skills are a must.
 

Primary responsibilities include:

  • Identify gaps in our application security controls, research and propose designs to resolve the gaps and support the implementation of the controls, for instance MFA, user behaviour analysis, denial of service prevention, etc.
  • Design and implement software that addresses the identified security gaps
  • Support the operation of application-level security controls, for instance web application firewalls, bot detection frameworks, etc.
  • Develop tools to improve the security of our applications
  • Incorporate design solution in Development, DevOps and Architectural best practices.
  • Design processes to improve secure development and testing, then coach and train developers and DevOps management on them. 
  • Design, test and improve security architecture of our Products.
  • Execute projects to implement the group Application Security strategy
  • Support the investigation of incidents relating to gaming platform anomalies, weaknesses and game integrity compromises
Occasional responsibilities:
  • Conduct application-level penetration testing and independent reviews of source code repositories.
  • Travel to Development centres

Requirements

The role requires a person with outstanding technical foundations and a development background that has experience in designing and implementing application security controls, able to have a peer relationship with engineers and architects. 

 

Essential:

  • Software engineering background, please share with us your publicly available work
  • At least three years of experience in a similar Information Security position
  • Design and development of security tools
  • Vulnerability research
  • Customer-oriented person, with the ability to educate and influence a technical audience on Application Security matters
  • Fluent in relevant development languages (Java, C/C++, Perl, PHP, .NET…)
  • Experience in the following areas:
    • Security design reviews
    • Knowledge of major frameworks and support libraries (SPRING, OSGI, ASP.NET, etc.)
    • Web-Application Firewalls (WAF)
    • Multi-factor authentication
    • Bot detection  
 

Desired:

  • Open source projects
  • Online Gaming security experience
  • Regulatory and industry standards work: ISO27001, PCI-DSS, etc.
  • Experience in DevOps
  • Agile Development 

Relevant professional qualifications will be considered, although not a requirement, e.g. GIAC, CISA, CISM, CISSP, OSCP, CEH, etc

With the capacity to display initiative as part of a very strong Information Security team, this position plays a key role in protecting the security of our customers and systems from known and unknown threats. 

Employee benefits:
  • Competitive remuneration package; 
  • 25 days annual leave;
  • Social benefits: personal health insurance, dental allowance, sport activities, food vouchers;
  • Opportunity to join a team of great professionals;
  • Dynamic and friendly work environment;
  • Team building activities.
Ready to get involved? Bring your energy to GVC and you’ll be in the mix from the start. For the good of entertainment. Apply now!

 

 

Our Culture As Real As It gets

At GVC we're a diverse team, sharing a commitment to quality and success

Whether you're playing a key role in your local community as part of our retail team, or working out the next big gaming trends in our digital team, you'll enjoy a culture and a benefits package that we're extremely proud of.