Application Security Architect

About us:

ARRISE sets the benchmark for service delivery and excellence in the iGaming industry. Playing a key role in the success of its clients, including Pragmatic Play, ARRISE helps deliver exceptional gaming experiences to millions of players worldwide.

Our global team of over 6,000 talented professionals are shaping the future of iGaming. Headquartered in Gibraltar, with offices in Canada, India, the Isle of Man, Latvia, Malta, Romania, Serbia, Bulgaria, and the UAE, we are expanding into new locations.

At ARRISE, we create growth opportunities at all levels, investing in our people, welcoming new colleagues, and forging strategic partnerships.

We believe in ourselves; success is a collective effort driven by ambition, collaboration, and shared goals. Join us and be part of the future of iGaming with 6,000 ARRISERS!

About The Role:

The Application Security Architect will collaborate with development teams to embed security best practices into the software development lifecycle (SDLC). You will lead the design, implementation, and review of secure architectures, identify risks, and ensure high-security standards. Staying ahead of emerging threats and providing thought leadership to foster a security-first mindset are key aspects of this role.

Key Responsibilities:

1. Application Security Strategy: Develop and implement a security strategy aligned with business goals, risks, and regulations.
2. Secure SDLC: Partner with development teams to integrate security into all phases, including secure coding, threat modeling, and design.
3. Security Risk Management: Identify, evaluate, and mitigate security risks through threat modeling and vulnerability assessments.
4. Security Assessments & Testing: Conduct code reviews, penetration tests, and vulnerability assessments to identify weaknesses.
5. Tooling & Automation: Recommend and manage security tools (e.g., SAST, DAST, SCA) and automate vulnerability detection.
6. Cross-Functional Collaboration: Work with software developers, infrastructure teams, and product owners to ensure secure development and delivery.
7. Compliance & Standards: Ensure applications meet industry standards and regulations like GDPR, HIPAA, PCI-DSS, and follow OWASP Top 10.
8. Incident Response: Participate in security incident detection, analysis, and resolution related to application vulnerabilities.
9. Security Training: Develop and deliver training on secure coding, application security, and emerging threats.
10. Documentation: Maintain security policies, procedures, and controls documentation.

Experience:

1. 10+ years in cybersecurity with a focus on application security.
2. Proven experience in secure software development, threat modeling, penetration testing, and risk management.
3. Strong experience with application security tools.
4. Experience with cloud platforms (AWS, Azure, GCP) and cloud security is a plus.
5. Deep knowledge of application security concepts, OWASP Top 10, and secure coding.
6. Familiarity with common programming languages.
7. Understanding web application architecture, APIs, and microservices.
8. Hands-on experience with security testing tools and automation.
9. Experience with threat modeling and risk assessment frameworks.

What We Offer:

• Delivering immersive experiences and responsible thrills through our professional team.
• Opportunities for professional and personal development.
• Room for progression within a dynamic team.
• Collaborative colleagues.
• Private health insurance.
• 25 days of annual leave.
• Visa application support (cost covered by the company).