Key skills
Application SecurityAppSec toolingSecure Software Development Life Cycle (SDLC)Threat modelingSecurity design reviewsSecure code reviewsManual security assessmentsSecure coding standardsOWASPNIST frameworksAI platforms for development and securityAgileScrumSecurity coachingAISDLCAccount Management
About this role
OP is partnering with a fast-growing iGaming startup to hire a Senior Application Security Engineer who will play a critical role in building the next generation of sweepstakes-based gaming experiences. This role involves embedding security into the software development lifecycle, leading threat modeling, and overseeing secure code reviews to ensure the platform remains secure as it scales.
Responsibilities:
- Bring informed perspectives on AppSec tooling and practices
- Embed security into the SDLC by partnering with engineering teams to define security requirements, patterns, and secure-by-design implementation guidance for new features and platform changes
- Lead or facilitate threat modeling and security design reviews for core user journeys (registration, login, wallet, deposits/withdrawals, gameplay, promotions, account management)
- Perform and/or oversee secure code reviews and deep-dive manual assessments on high-risk services (auth, wallet, payments, bonus engines, admin tooling)
- Define and maintain secure coding standards aligned to industry frameworks (e.g., OWASP, NIST) and ensure consistent adoption across teams
- Deliver security coaching and training for developers to improve secure coding habits and reduce recurring vulnerabilities, classes
- Hands-on experience using AI platforms to accelerate development, testing, code reviews, and security scans
- Experience working in Agile/Scrum environments
Requirements:
- Bring informed perspectives on AppSec tooling and practices
- Embed security into the SDLC by partnering with engineering teams to define security requirements, patterns, and secure-by-design implementation guidance for new features and platform changes
- Lead or facilitate threat modeling and security design reviews for core user journeys (registration, login, wallet, deposits/withdrawals, gameplay, promotions, account management)
- Perform and/or oversee secure code reviews and deep-dive manual assessments on high-risk services (auth, wallet, payments, bonus engines, admin tooling)
- Define and maintain secure coding standards aligned to industry frameworks (e.g., OWASP, NIST) and ensure consistent adoption across teams
- Deliver security coaching and training for developers to improve secure coding habits and reduce recurring vulnerabilities, classes
- Hands-on experience using AI platforms to accelerate development, testing, code reviews, and security scans
- Experience working in Agile/Scrum environments
- Nice to have: FinTech, gaming, and casino experience