Senior Application Security Analyst
The Senior Application Security Analyst is responsible for conducting in-depth security assessments, identifying vulnerabilities, and implementing security controls to protect applications from potential threats. You will analyse application code and perform security testing. It also involves collaborating with development teams to improve security issues. You will play a necessary part in enhancing the security posture of applications and ensuring compliance with relevant security standards and regulations.
- Conduct comprehensive security assessments, code reviews, and penetration testing of applications to identify potential vulnerabilities and security risks.
- Utilise industry-standard tools and methodologies to assess the security posture of applications and provide applicable recommendations for remediation.
- Identify security vulnerabilities identified during security assessments.
- Work with development teams to facilitate the remediation of vulnerabilities promptly.
- Monitor the effectiveness of remediation efforts and ensure that security vulnerabilities are addressed.
- Maintain security technologies used for application security testing and monitoring.
- Configure security tools such as static code analysis (SAST), dynamic application security testing (DAST), and web application firewalls (WAFs) to enhance the security posture of applications.
- Implement corrective actions to prevent future occurrences.
- Provide support during security incidents related to applications, including incident detection, analysis, and response.
- Collaborate with incident response teams to investigate security incidents, identify causes.
- Promote a culture of security awareness among development teams and stakeholders through training sessions, workshops, and awareness campaigns.
- Educate colleagues on secure coding practices, threat mitigation techniques, and compliance requirements.
- Maintain detailed documentation of security assessments, findings, and remediation efforts.
- Create regular metrics on application security activities, vulnerabilities, and compliance status to stakeholders and management.
- Collaborate with development teams, architects, IT operations, and security stakeholders to integrate security into the software development lifecycle.
- Identify opportunities for process improvement, optimization, and automation in application security practices.
- Stay up to date with new threats, vulnerabilities, and security trends in the application security landscape and recommend appropriate measures to mitigate risks.
- Software Development Background (required)
- At least five years experience in a similar Information Security position (required)
- Customer-oriented person, with the ability to educate a technical audience on Application Security matters (required)
- Fluent in relevant development languages (Java, C/C++, PHP, .NET, or Python …) (required)
- Experience in the following areas: Security Test Management (required)
- Application Security Assessments (required)
- Security Assurance (required)
- Requirements Management (required)
- Knowledge of major frameworks and support libraries (SPRING, OSGI, ASP.NET) (required)
- Agile Development (required)
- Vulnerability management (required)
- Continue Improvements (required)
- Penetration Testing (required)
- Security Evaluation & Functional Testing (required)
- Application Security Testing (required)
Entain is one of the world's largest sports betting and gaming entertainment groups and a FTSE 100 company. Formed when GVC Holdings rebranded as Entain in December 2020, its brands trace their history back to the 1880s and include bwin, Coral, Foxy, Gala, Ladbrokes and partypoker. Through its joint venture with MGM Resorts International, it powers BetMGM in the United States with its proprietary technology. Headquartered in London, Entain employs over 30,000 people with offices across 19 countries.

