Application Security Architect

ARRISE sets the benchmark for service delivery and excellence in the iGaming industry. Playing a key role in the success of its clients, including Pragmatic Play, ARRISE helps deliver exceptional gaming experiences to millions of players worldwide.

Our global team of over 6,000 professionals is shaping the future of iGaming. Headquartered in Gibraltar, with offices across Canada, India, the Isle of Man, Latvia, Malta, Romania, Serbia, Bulgaria, and the UAE, we are expanding into new exciting destinations.

At ARRISE, we foster growth opportunities at all levels, invest in our people, and build strategic partnerships to open new avenues for success. Success is a collective effort driven by ambition, collaboration, and a shared commitment to growth.

Join the future of iGaming with 6,000 ARRISERS! If a job excites you, apply now and connect with our friendly recruitment team. Your journey starts here!

The Application Security Architect will work closely with development teams to integrate security best practices into the software development lifecycle (SDLC). You will lead the design, implementation, and review of secure software architectures, identify and mitigate risks, and ensure applications meet high-security standards. Staying ahead of emerging threats and providing thought leadership to foster a security-first mindset across the organization are key aspects of this role.

1. Application Security Strategy: Develop and implement an application security strategy aligned with business goals, risk profiles, and regulatory requirements.
2. Secure Software Development Lifecycle (SDLC): Collaborate with development teams to embed security into every phase of the SDLC, including secure coding, threat modeling, and design principles.
3. Security Risk Management: Identify, evaluate, and mitigate security risks through threat modeling and vulnerability assessments.
4. Security Assessments & Testing: Conduct code reviews, penetration tests, vulnerability assessments, and risk analyses to identify and fix security issues.
5. Tooling and Automation: Recommend, implement, and manage security tools such as SAST, DAST, SCA, and automation practices to detect vulnerabilities early.
6. Cross-Functional Collaboration: Work with software developers, infrastructure teams, and product owners to ensure secure application delivery.
7. Compliance and Standards: Ensure applications comply with industry standards and regulations like GDPR, HIPAA, PCI-DSS, and follow best practices like OWASP Top 10.
8. Incident Response: Participate in detecting, analyzing, and resolving security incidents related to application vulnerabilities.
9. Security Awareness and Training: Develop and deliver training on secure coding, application security, and emerging threats.
10. Documentation: Maintain records of security policies, procedures, and controls related to application security.

1. 10+ years in cybersecurity, focusing on application security.
2. Proven experience in secure software development, threat modeling, penetration testing, and security risk management.
3. Strong familiarity with common application security tools.
4. Experience with cloud platforms (AWS, Azure, GCP) and securing cloud applications is a plus.
5. Deep knowledge of application security concepts, OWASP Top 10, and secure coding practices.
6. Familiarity with common programming languages.
7. Strong understanding of web architecture, APIs, and microservices.
8. Hands-on experience with security testing tools and automation.
9. Experience with threat modeling and risk assessment frameworks.

• Opportunity to craft immersive experiences and responsible gaming thrills, with a dedicated team delivering services players love.
• Professional and personal development opportunities.
• Career progression within a dynamic team.
• Collaborative colleagues.
• Private health insurance.
• 25 days of annual leave.
• Visa application support (company-covered).