About bet365
At bet365, we’re one of the world’s leading online gambling companies, revolutionising the industry since 2000. Founded by Denise Coates CBE, we now employ over 9,000 people and serve more than 100 million customers across 27 languages. Our focus on In‑Play betting has solidified our market‑leading position, offering an unmatched experience across 96 sports and 700,000 streaming events.
Location
Stoke‑On‑Trent, England, United Kingdom
Job Description
As an Information Security Specialist, you will focus on securing the company’s applications through analysis of code, supply chains, and threat modelling, ensuring the effectiveness of security measures. The application security team deals with the security of closed‑source, open‑source, and proprietary applications. It is our mission to ensure applications are developed and implemented in a secure manner, and potential risks are found and remediated efficiently through penetration testing.
You will work alongside our Software Development teams to ensure application‑based vulnerabilities are understood and mitigated. It is important that you possess an understanding of Secure Development Lifecycles (SDL) and the assessment of code. The role is part of the broader Information Security department, which is comprised of engineers and analysts from varying backgrounds. Collectively, the team utilises enterprise and bespoke tooling to identify and mitigate threats to the Business.
We utilise AI to enhance our existing security processes and practices, embracing the advantages it brings. You will play a key role in our journey to leverage this powerful technology in strengthening our application security. This role is eligible for inclusion in the company’s hybrid working from home policy.
Qualifications
* Understanding of and demonstrable experience with automated, dynamic and static application security testing tools, as well as manual security testing to find vulnerabilities and logical issues.
* Knowledge and understanding of Open Web Application Security Project (OWASP) and its utilisation within threat modelling.
* Knowledge of software development and languages.
* Working knowledge of CI/CD pipelines and security tooling associated with them.
* Experience in conducting and reporting on web application penetration testing.
* Strong communication and documentation skills.
Additional Information
* Providing support to senior members of the team and mentoring junior members of the team.
* Taking an active role in the project process to ensure that information security aspects are considered up front and throughout the project lifecycle.
* Contributing to and continuously improving the company’s security testing methodologies, updating documentation where applicable.
* Performing manual and automated code reviews and escalating remediation where appropriate.
* Providing support to software development teams to ensure security is considered throughout the development lifecycle.
* Contributing to and continuously improving our supply chain assurance processes, identifying flaws and vulnerabilities.
* Performing risk assessments, threat modelling and design reviews to ensure effective security controls are in place.
* Identifying opportunities for converting manual tasks into automated processes.
Seniority level
Associate
Employment type
Full‑time
Job function
Information Technology
Industries
Gambling Facilities and Casinos
#J-18808-Ljbffr