Key Facts

Remote From:

Full time

English

Hard Skills

Threat Modeling Java (Programming Language) Kubernetes Amazon Web Services gRPC Endpoint Security Open Web Application Security Project (OWASP) Conventional PCI SASS

Other Skills

•
Analytical Skills
•
Communication
•
Collaboration

Roles & Responsibilities

Proven experience in IT Security with a strong ability to read and analyze code in Java and Spring Boot
Hands-on experience with Go (Golang) for developing internal security tools and automating cybersecurity solutions
Strong background in microservices, distributed systems, and the security of containerized environments like Docker and Kubernetes
Deep understanding of API security and the ability to apply OWASP Top Ten principles to secure programming

Requirements:

Conducting threat modeling during the design phase to predict and mitigate risks before they reach production
Continuously updating existing threat models to identify new emerging threats
Identifying and addressing technical and business logic vulnerabilities within the source code and applications
Collaborating with internal teams to select, develop, and implement custom security tools and scalable security solutions

Job description

Location: Fully Remote
Reporting to: CTO

Your mission

Conducting threat modeling during the design phase to predict and mitigate risks before they reach production.
Continuously update existing threat models to identify new emerging threats.
Identifying and addressing technical and business logic vulnerabilities within the source code and applications while supporting the development and implementation of internal security processes.
Collaborating with internal teams to select, develop, and implement custom security tools and scalable security solutions, provide hardening and security best practice guidance.
Supporting and enhancing existing security processes while planning and designing security-by- design solutions and cybersecurity controls.
Developing, deploying, and operating cybersecurity solutions across infrastructures and products.
Securing our containerized environments and microservices architecture, focusing on Docker, Kubernetes, and cloud infrastructure (AWS/GCP).
Working hands on with existing SAST / DAST tools enhancements and remediations.
Ensuring all security implementations align with iGaming regulations and global standards such as ISO 27001 and PCI-DSS.

What You Bring

Proven experience in IT Security with a strong ability to read and analyze code in Java and Spring Boot.
Hands-on experience with Go (Golang) for developing internal security tools and automating cybersecurity solutions.
Strong background in microservices, distributed systems, and the security of containerized environments like Docker and Kubernetes.
Deep understanding of API security and the ability to apply OWASP Top Ten principles to secure programming.
Experience conducting threat modeling and implementing security-by-design controls during the development lifecycle.
Knowledge of regulatory standards and industry frameworks such as ISO 27001 and PCI-DSS.
Excellent analytical and communication skills to explain technical vulnerabilities and their business implications to stakeholders.

What's in it for you?

🚀 Make Serious Waves
The chance to make a tangible impact in a switched-on, ambitious, and fast-paced startup culture. You will be working on innovative, new-age products at the exciting fusion of iGaming, Gaming, and Web3.

✨ Next-Level Workspace Vibe
Work from a workspace designed for both high performance and serious comfort, featuring:

🍽️ Fully set-up kitchen with all the appliances, big tables, and plenty of seating.
🥤 Beverage fridge packed with cold drinks.
🎮 Hangout zone equipped with couches, bean bags, and a PS5 to unwind or level up.

🗓️ Weekly Office Rituals: