Are you passionate about IT security? We are looking for a passionate and skilled DevSecOps Engineer to work with our developers and engineers and implement information security and data privacy controls in the Software Development Lifecycle (SDLC). Together with the Cyber Security Team, you will perform the analysis of our internally developed applications and services and propose solutions to protect against the latest threats and vulnerabilities, and define improvement actions. As a DevSecOps Engineer, you will be in a position to directly influence the work of over 50 engineers across dozens of microservices that process hundreds of thousands of bet slips per day through their whole lifecycle!
We’re looking for someone who has:
CS or related degree
Solid development background and progression as a security expert
Knowledge of how to assess current applications and architecture to determine methods for automating security testing and control validation
Security testing experience at scale by building and implementing static and dynamic analysis tools, open-source scanning tools, and integrating security into a CI/CD workflow
Hands-on experience with tools and technologies used throughout secure SDLC (e.g., Burp Suite, AppScan, Fortify/checkmarx /Veracode, WhiteSource/Blackduck)
Experience with containers and orchestration technology such a Docker and Kubernetes
Application Security secure software coding practices and OWASP: Open Web Application Security Project
Experience in web application security
Passion about information security, eager to continuously learn and develop
Bonus points if you:
Are experienced with Cloud Security - AWS/Azure/Google Cloud etc.
Are familiar with DevOps, DevSecOps, and Agile SDLC methodologies
Know your way around CI/CD processes, toolsets, and version control software like Jenkins, CircleCI, GitLab, GitHub
Have used DBs such as PostgreSQL, Redis, MongoDB, CockroachDB
Are familiar with Kafka-based microservices architecture
What you'll be doing:
Be responsible for enabling a secure-by-default approach
Working directly with engineering teams as they're building their services and making sure the key security principles are built into the architecture
Enable engineering teams to scan their code for security issues and penetration testing
Keep up-to-date on all new security challenges and work with our teams to develop a protection mechanism
You can expect
Happening is the technology engine powering Superbet Group's global platforms and brands that bring thrill to customers across the world every day. We are a game-changing tech company rewriting the rules of sports betting and gaming. We are shaking up the status quo by building our own end-to-end tech stack, solving deep and complex challenges for millions of customers and shaping our culture to work uniquely for the tech community. A true challenger, our technology handles serious scale on par with the Big Techs, and customer obsession runs through every team. Building our own platform gives freedom to innovate and flip the legacy perceptions and industry stereotypes.
Should we talk? Let's do it!