
Senior Application Security Specialist

Salary: Competitive

Job Description


Our client, a leader in the online gaming and sports-betting industry, is currently seeking a talented Senior Application Security Specialist to join their Gibraltar or Athens-based team. This role provides application security services across the software development lifecycle, including secure design, coding techniques and reviews, education and awareness, process and tools, and security testing support and guidance.


As a Senior Application Security Specialist, your duties would include:

  • Performing and developing web application security testing (penetration tests)
  • Identifying application security risks and requirements for new projects and system developments
  • Working with the architecture and development groups to review code for security vulnerabilities and embed/improve security threat modelling and secure coding in the development lifecycle
  • Providing technical advice to ensure that security standards are met
  • Performing/overseeing security testing and managing remediation of identified vulnerabilities
  • Supporting the InfoSec team in the promotion of information security best practice and embedding information security within the development streams
  • Providing reports on application security KPIs to the Cyber Security Manager


The ideal candidate would have the following skills & experience:

  • At least 5 years of experience and in-depth knowledge of application security vulnerabilities, secure design, security testing techniques, and the OWASP framework
  • In-depth understanding of secure web application and web services development in at least two of the following: PHP, .NET, Java
  • Understanding of various CMS platforms such as Drupal, Joomla and WordPress
  • Experience of web application and agile development methodologies
  • Understanding of web servers and the HTTP protocol on Windows and Linux servers
  • Knowledge of technical security architectural principles and creating application threat models
  • Strong communication (verbal/written) and influencing skills, with an ability to manage internal and external relationships up to senior levels of management
  • Ideally one of the following certifications:
    • SANS GIAC Penetration Tester (GPEN) / Certified Ethical Hacker by the International Council of E-Commerce Consultants (EC-Council)
    • GIAC Certified Web Application Defender
    • GIAC Web Application Penetration Tester


If you would like to discuss this opportunity then please don’t hesitate to contact Castle Hill today.