Senior Application Security Analyst
The Senior Application Security Analyst is responsible for conducting in-depth security assessments, identifying vulnerabilities, and implementing security controls to protect applications from potential threats. You will analyse application code and performing security testing. It also involves collaborating with development teams to improve security issues. You will play a necessary part in enhancing the security posture of applications and ensuring compliance with relevant security standards and regulations.
- Conduct comprehensive security assessments, code reviews, and penetration testing of applications to identify potential vulnerabilities and security risks.
- Utilise industry-standard tools and methodologies to assess the security posture of applications and provide applicable recommendations for remediation.
- Identify security vulnerabilities identified during security assessments.
- Work with development teams to facilitate the remediation of vulnerabilities promptly.
- Monitor the effectiveness of remediation efforts and ensure that security vulnerabilities are addressed.
- Maintain security technologies used for application security testing and monitoring.
- Configure security tools such as static code analysis (SAST), dynamic application security testing (DAST), and web application firewalls (WAFs) to enhance the security posture of applications.
- Implement corrective actions to prevent future occurrences.
- Provide support during security incidents related to applications, including incident detection, analysis, and response.
- Collaborate with incident response teams to investigate security incidents, identify causes.
- Promote a culture of security awareness among development teams and stakeholders through training sessions, workshops, and awareness campaigns.
- Educate colleagues on secure coding practices, threat mitigation techniques, and compliance requirements.
- Maintain detailed documentation of security assessments, findings, and remediation efforts.
- Create regular metrics on application security activities, vulnerabilities, and compliance status to stakeholders and management.
- Collaborate with development teams, architects, IT operations, and security stakeholders to integrate security into the software development lifecycle.
- Identify opportunities for process improvement, optimisation, and automation in application security practices.
- Stay up to date with new threats, vulnerabilities, and security trends in the application security landscape and recommend appropriate measures to mitigate risks.
- Software Development Background (required)
- At least five years experience in a similar Information Security position (required)
- Customer-oriented person, with the ability to educate a technical audience on Application Security matters (required)
- Fluent in relevant development languages (Java, C/C++, PHP, .NET, or Python …) (required)
- Experience in the following areas: Security Test Management (required)
- Experience in Application Security Assessments (required)
- Experience in Security Assurance (required)
- Experience in Requirements Management (required)
- Knowledge of major frameworks and support libraries (SPRING, OSGI, ASP.NET) (required)
- Agile Development (required)
- Vulnerability management (required)
- Continue Improvements (required)
- Penetration Testing (required)
- Security Evaluation & Functional Testing (required)
- Application Security Testing (required)
- Min salary of 40000 EURO gross per annum depending upon experience
- Group Bonus Plan
- 100 Euro in monthly food vouchers
- 25 days of annual leave plus all local public holidays
- 5 additional paid days off for volunteering, learning, and even a special Game Day in December
- Hybrid model (2+ office days per week) and enjoy August fully remote from anywhere in Bulgaria
- Monetary Christmas bonus
- WFH equipment reimbursement
- Transport and utilities support
- Sharesave Scheme
- Comprehensive life and health insurance
- Free access to Unmind, our mental health app
- Social events and legendary Christmas/Summer parties
Entain is one of the world's largest sports betting and gaming entertainment groups and a FTSE 100 company. Formed when GVC Holdings rebranded as Entain in December 2020, its brands trace their history back to the 1880s and include bwin, Coral, Foxy, Gala, Ladbrokes and partypoker. Through its joint venture with MGM Resorts International, it powers BetMGM in the United States with its proprietary technology. Headquartered in London, Entain employs over 30,000 people with offices across 19 countries.
