Senior Application Security Specialist
Job Description
Our client, a leader in the online gaming and sports-betting industry, is currently seeking a talented Senior Application Security Specialist to join their Gibraltar or Athens-based team. This role aims to provide application security services into the software development lifecycle, including secure design, coding techniques and reviews, education & awareness, process and tools, security testing support and guidance.
As a Senior Application Security Specialist, your duties would include:
- Performing and developing web application security testing (penetration tests)
- Identifying application security risks and requirements for new projects and system developments
- Working with the architecture and development groups to review code for security vulnerabilities and embed/improve security threat modelling and secure coding in the development lifecycle
- Providing technical advice to ensure that security standards are met
- Performing/overseeing security testing and managing remediation of identified vulnerabilities
- Supporting the InfoSec team in the promotion of information security best practice and embedding information security within the development streams
- Providing reports on application security KPIs to the Cyber Security Manager
The ideal candidate would have the following skills & experience:
- At least 5 years of experience and in-depth knowledge of application security vulnerabilities, secured design, security testing techniques, and the OWASP framework
- In-depth understanding of secured web application and web services development in at least two of the following: PHP, .NET, Java
- Understanding of various CMS platforms such as Drupal, Joomla and WordPress
- Experience of web application and agile development methodologies
- Understanding of web servers and the HTTP protocol running on Windows and Linux servers
- Knowledge of technical security architectural principles and creating application threat models
- Strong communication (verbal/written) and influencing skills, with an ability to manage internal and external relationships up to senior levels of management
- Ideally one of the following certifications:
- SANS GIAC Penetration Tester (GPEN) / Certified Ethical Hacker by the International Council of E-Commerce Consultants (EC-Council)
- GIAC Certified Web Application Defender
- GIAC Web Application Penetration Tester
If you would like to discuss this opportunity then please don’t hesitate to contact Castle Hill today.