At Easygo, our DevSecOps team is at the heart of our engineering, security and operations, creating the robust, high-performance and secure GitOps based Application Security and DevOps experience that underpins both our global casino games and sportsbook offerings. The exciting thing about this team is that it impacts every single Stake customer and is felt directly by every engineer across all feature development squads on the Stake platform. As a dedicated developer experience team, we tackle complex technical challenges with innovation and precision, ensuring the foundational systems are secure, robust, scalable, and empower all product development teams.

MINIMUM QUALIFICATIONS:

• Bachelor’s/Master’s degree in Computer Science or equivalent practical experience.
• 7+ years of hands-on experience in software engineering, with a primary focus on security engineering.

PREFERRED QUALIFICATIONS:

• Proven hands-on experience or certifications with a range of security tools, including SAST, DAST, and SCA tools e.g. Checkmarx, Veracode, Burp Suite, OWASP ZAP, WAFs and RASP Solutions, Penetration testing frameworks.
• AWS Certifications, such as Security Speciality highly desired.
• Experience with Typescript, Node.js, Kubernetes, Docker, AWS, Cloudflare, Datadog and related technologies.
• Experience with CI/CD tools (e.g. AWS Code Pipeline, Github Actions) for automating the deployment process.

• Lead by example, and drive the adoption of secure software development lifecycle (SSDLC) practices. This includes performing threat modelling, providing secure coding guidance to development teams, and embedding security requirements early in the design phase.
• Own, improve, execute and manage various security tests, including SAST, DAST, and SCA, to identify vulnerabilities. Analyse test results and prioritise findings. Fix what you find, and work with developers to ensure timely remediation.
• Implement and maintain automated security controls within the CI/CD pipeline. This involves integrating security tools to enable continuous security testing and monitoring, making security an integral part of the DevSecOps process.
• Deploy and configure Web Application Firewalls (WAFs) and Runtime Application Self-Protection (RASP) solutions to protect from real-time attacks. Respond to urgent application security incidents as needed.
• Take ownership of the platform vulnerability management program. This involves tracking, prioritising, and remediation of security flaws found in applications, ensuring all vulnerabilities are addressed and verified.
• Actively engage in hands-on coding, testing, debugging, and troubleshooting to ensure code quality, scalability, and maintainability.
• Write efficient, scalable, and maintainable code, adhering to coding standards and best practices.
• Innovate within the team by pushing for improvements and driving constructive changes to enhance team performance and efficiency.
• Analyze complex problems and provide effective solutions, contributing to team goals and initiatives.
• Lead and independently complete medium-sized projects or initiatives from start to finish.
• Share application security knowledge and best practices with the team, fostering a collaborative and learning-oriented environment.
• Mentor software engineers across the organisation in security engineering practices.
• Collaborate with stakeholders, product managers, and engineering teams to effectively communicate technical concepts.