ABOUT US
Arrise Solutions India Pvt. Ltd. (powering PragmaticPlay) is a leading content provider to the iGaming and Betting Industry, offering a multi-product portfolio that is innovative, regulated and mobile-focused. Pragmatic Play strives to create the most engaging and evocative experience for customers globally across a range of products, including slots, live casino, sports betting, virtual sports and bingo.
Driven by a persistence to craft immersive experiences and responsible thrills, our professional team consistently deliver best-in-class services with a dedication to create games that players love time and time again.
KEY RESPONSIBILITIES:
- Application Security Strategy: Develop and implement an overall application security strategy that aligns with business objectives, risk profiles, and regulatory requirements.
- Secure Software Development Lifecycle (SDLC): Partner with development teams to integrate security throughout the SDLC, including the creation of secure coding practices, threat modeling, and secure design principles.
- Security Risk Management: Identify, evaluate, and mitigate security risks in software and applications. Lead threat modeling and vulnerability assessments to ensure systems are secure.
- Security Assessments & Testing: Conduct security assessments including code reviews, penetration testing, vulnerability assessments, and risk analysis to identify and resolve security weaknesses.
- Tooling and Automation: Recommend, implement, and manage security tools (e.g., SAST, DAST, SCA) and automation practices to detect vulnerabilities early in the development cycle.
- Cross-Functional Collaboration: Work closely with software developers, infrastructure teams, and product owners to ensure secure application development and delivery.
- Compliance and Standards: Ensure all applications comply with industry standards, regulations (e.g., GDPR, HIPAA, PCI-DSS), and best practices (e.g., OWASP Top 10).
- Incident Response: Participate in the detection, analysis, and resolution of security incidents related to application vulnerabilities.
- Security Awareness and Training: Develop and deliver security training to developers and other stakeholders on secure coding practices, application security, and emerging threats.
- Documentation: Maintain documentation of security policies, procedures, and controls relevant to application security.
EXPERIENCE:
- 10+ years of experience in cybersecurity, with a focus on application security.
- Proven experience in secure software development, threat modelling, penetration testing, and security risk management.
- Strong experience with common application security tools
- Experience with cloud platforms (AWS, Azure, GCP) and securing cloud-based applications is a plus.
- In-depth knowledge of application security concepts, OWASP Top 10, and secure coding practices.
- Familiarity with common programming languages
- Strong understanding of web application architecture, APIs, and microservices.
- Hands-on experience with security testing tools and automation for application security.
- Experience with threat modelling techniques and risk assessment frameworks.
WHAT WE OFFER
Driven by a persistence to craft immersive experiences and responsible thrills, our professional team consistently deliver best-in-class services with a dedication to create games that players love time and time again.
- Professional and personal development
- Opportunities to progress within a dynamic team.
- Close and collaborative colleagues