Key Facts

Remote From:

Poland , Malta , Serbia , Georgia (USA)

Full time

Mid-level (2-5 years)

English

Hard Skills

Other Skills

•
Collaboration
•
Communication
•
Analytical Thinking
•
Detail Oriented
•
Problem Solving

SOFTSWISS

Computer Software / SaaS

About SOFTSWISS

SOFTSWISS is an international company and a widely-acclaimed iGaming expert. We were the very first online gambling software company to start working with cryptocurrencies. SOFTSWISS appeared in July 2009 in Minsk, Belarus. Today SOFTSWISS is a recognised industry leader in iGaming software solutions development. The company has an international team, which counts 1,400+ employees and has an official presence in Poland, Malta, Georgia, and Belarus. To date, the SOFTSWISS client network counts more than 500 iGaming brands. Projects powered by SOFTSWISS receive numerous awards and accolades from industry media. SOFTSWISS steadily enhances the products portfolio with continuous innovations and increases the quality of its services, providing customers with first-class industry solutions. Our values: - High-end solutions based on reliability, security and honesty - Expertise of a professional team with over 10 years of iGaming background - Innovative approach to product development and business processes Our Products: - Sportsbook Platform - Online Casino Platform - Game Aggregator - Jackpot Aggregator - Affilka (Affiliate Platform) - Managed Services Our Services: - First Line Player Support - Player Retention - Player Reactivation - VIP Player Support - Anti-fraud support Our solutions: - Crypto Casino Solution - White Label Casino Solution - Turnkey Casino Solution White Label solutions: - Operating under the SOFTSWISS gambling licences - Ready-to-use payment processing options - SOFTSWISS merchant accounts Why Us? - Over 10 years helping our clients to succeed in the industry - Focus on software security and stability - Top client service based on the client needs - Best industry professionals - Agile methodology at all levels - Cutting-edge innovations - Wide geographical presence Website: www.softswiss.com Email: order@softswiss.com SOFTSWISS. Winning Combination

Company type: Large

Industry: Computer Software / SaaS

Founded: 2018

Company size: 1001 - 5000

Website LinkedIn See all jobs →

Job description

Overview:

SOFTSWISS is looking for Application Security Engineer to join our team. SOFTSWISS security team takes care of iGaming services protection, data privacy, and business continuity to ensure that nothing distracts satisfied customers from using our products. We work closely with the IT team that develops and supports our services, and together we create genuinely excellent and secure iGaming products.

Purpose of the role:

Our goal is to make sure that we deploy secure software to production without unnecessary bottlenecks, that applications are properly hardened, and security vulnerabilities, once discovered, are fixed by the developers.

As an Application Security Engineer, you will play a crucial role in ensuring the security of our applications throughout the entire software development lifecycle (SDLC). You will partner closely with the product teams to identify, analyze, and mitigate security vulnerabilities, contributing to the creation of trustworthy and robust products.

Key responsibilities:

Partner with product teams during the design phase to lead threat modeling and risk assessments sessions, translating complex security threats into clear, actionable security requirements.
Perform in-depth manual code reviews on critical applications to identify complex logical vulnerabilities as part of white-box security assessment.
Plan, design, implement, automate and (if you wish) support AppSec tools.
Contribute to building a company-wide processes for secure code development and deployment.
Triage identified security vulnerabilities, provide clear and actionable descriptions and ensure these findings are properly addressed and mitigated.
Manage the bug bounty program, collaborate with researches and internal teams to resolve the discovered vulnerabilities.
Partner with Dev/QA teams throughout the development lifecycle to enhance the application's security posture by providing expert consulting, continuous knowledge sharing, and actionable security guidance.

Required Experience:

2+ years of experience in application security.
Knowledge of secure development processes and best practices.
Deep understanding of web application security mechanisms (i.e., how the web actually works? What is SOP and why do we need CORS? What is CSP?).
Deep understanding of common web application vulnerabilities (i.e., OWASP Top 10), and the most effective ways to prevent them.
Knowledge of secure system/application architecture and design principles.
Understanding of modern threats to high-performance web applications that is used by millions of users daily.
Understanding of modern authentication/authorisation patterns (OAuth, OIDC, JWT, etc.)
Practical hands-on expertise in identifying vulnerabilities through security assessment and secure code review, coupled with the ability to perform deep root-cause analysis to drive systemic fixes.
University degree in Computer Science, Information Security, or related field, or equivalent combination of education and experience.
Intermediate or higher English level.

Nice to have:

Passion about programming.
Technical knowledge of network and operating systems security.
Hands-on DevSecOps experience.
Practice of participation in bug bounty programs and/or CTFs.
Deep knowledge of SAST/DAST tools, including customisation.
Relevant certifications (i.e., OSWE, GWEB, etc.).

Our Benefits:

Full-time remote work opportunities and flexible working hours
Private insurance
Additional 1 Day Off per calendar year
Sports program compensation
Comprehensive Mental Health Programme
Free online English lessons with a native speaker
Generous referral program
Training, internal workshops, and participation in international professional conferences and corporate events.