Senior Application Security Engineer

ARRISE sets the benchmark for service delivery and excellence in the iGaming industry. Playing a key role in the success of its clients, which include Pragmatic Play, a brand relied upon by the world’s biggest online casinos for its cutting-edge products, ARRISE helps to deliver exceptional gaming experiences to millions of players worldwide. Our global team of over 10,000 talented and driven professionals are shaping the future of iGaming. Headquartered in Gibraltar, we have offices spanning Canada, India, the Isle of Man, Latvia, Malta, Romania, Serbia, Bulgaria, and the UAE, and more exciting destinations on the horizon. At ARRISE, we take pride in creating growth opportunities at all levels, constantly investing in our people while welcoming new colleagues and forging strategic partnerships that open new opportunities for success. To achieve this, we bet on ourselves. We know that success is a collective effort, and our team is driven by ambition, collaboration, and a shared commitment to grow and succeed — while embracing every step of the journey. Be part of the future of iGaming with 10,000 ARRISERS! See a job that excites you? Apply now, and our friendly recruitment team will connect with you soon. Your journey starts here.

The Senior Application Security Engineer acts as a technical authority. This role ensures secure design, development, deployment, and integrity across both on‑prem and SaaS environments. You should be comfortable wearing multiple hats and thrive in a fast‑paced, collaborative environment.

• Define and mature secure SDLC and AppSec program frameworks.
• Embed secure coding practices into development and backend platform engineering.
• Lead threat modeling and high‑risk security reviews for major releases.
• Implement application security testing tools (e.g. SCA, ASPM), container scanning, and secrets detection in CI/CD pipelines.
• Perform Penetration Testing and manage external penetration testing efforts.
• Manage application vulnerabilities from identification to remediation.
• Provide guidance for development teams.
• Design, maintain, and enforce organization‑wide paved roads and guardrails.

• 5+ years in application security, secure architecture, or related functions.
• Demonstrated ability to influence senior engineering and product leadership.
• Proven implementation of CI/CD security automation and secure coding practices.
• Strong understanding of web, API, and microservice security.
• Experience with Java, Javascript.
• Experience in Penetration Testing.

Kubernetes/container security knowledge.