For 888 group
We are seeking a highly qualified and experienced
Application Security Engineer
to join our cybersecurity team and lead the implementation of secure development practices across the entire software development lifecycle (SDLC). This strategic role is essential to strengthening our security posture and integrating security by design and a shift-left approach within a fast-paced, cloud-native DevSecOps environment. What you will be doing: Application Security Implement and manage
Static Application Security Testing (SAST)
and
Dynamic Application Security Testing (DAST)
to identify vulnerabilities in application code and behavior. Conduct
Software Composition Analysis (SCA)
to detect and manage risks in open-source dependencies. Secure
Infrastructure as Code (IaC)
templates (e.g., Terraform, CloudFormation) and
containerized environments
(e.g., Docker, Kubernetes) through automated scanning and policy enforcement. Implement
API security controls , including authentication, authorization, rate limiting, and
secrets management
to prevent unauthorized access and data leakage. Strengthen the
CI/CD pipeline security
using tools and practices compatible with Azure DevOps, GitLab, GitHub Actions, and Jenkins. Contribute to the configuration and maintenance of
Web Application Firewalls (WAFs)
to protect against web-based threats. Support
Distributed Denial-of-Service (DDoS) mitigation
strategies and
endpoint protection
for critical systems. Enforce and monitor
secure configurations across cloud platforms
including AWS, Azure, and GCP using frameworks such as CIS Benchmarks and native cloud security tools. Partner with developers, DevOps, and infrastructure teams to integrate security throughout the development lifecycle. Provide
technical guidance
on secure coding practices, threat modeling, and cloud architecture design. Automate security controls and promote a
DevSecOps culture
through continuous improvement and knowledge sharing. Job Requirements
Who we are looking for: Core Skills & Experience Strong grasp of
secure development
and
SDLC best practices . Hands-on experience with
SAST ,
SCA ,
DAST , and
container/API security . Familiar with
secrets detection
and
IaC scanning . Proven ability to integrate security into
CI/CD pipelines
(Azure DevOps, GitLab, GitHub, Jenkins). Knowledge of
security principles
across
AWS ,
Azure , and
GCP . Experience with
WAFs ,
endpoint protection , and
security configuration baselines . Exposure to
DLP
and
EDR tools
is a plus. Able to
review code , explain issues, and guide teams on secure fixes. Strong
communication
and ability to
collaborate across technical teams . Comfortable working
independently
and
mentoring others . Nice to Have Degree in
Computer Science ,
Cybersecurity , or related field. Certifications such as
CSSLP, OSWE, CISSP, AZ-500 , etc. Experience with tools like
Checkmarx, Snyk, SonarQube ,
Azure DevOps ,
GitLab CI ,
GitHub Actions , and
Microsoft Security Suite . What we offer: Our roles offer more than just a job, youll become part of the evoke family! We have created an environment where our people can thrive. Check out some of the fantastic benefits on offer: Hybrid working: Our employees can work from home up to 80% of the time with 20% of office time built in to ensure we get some face-to-face collaborative team time - and the chance for a coffee and a catch-up! Holiday entitlement: Youll be entitled to 22 annual leave days, plus bank holidays and an extra day for your birthday. eLearning Family Support: Industry-leading maternity and paternity leave and paid time off if you have caring responsibilities. Health & wellbeing: Tools and services to help support your well-being, including support with mental health and financial education. You will also have access to gym discounts. Healthcare: We prioritize your health and well-being, offering comprehensive healthcare benefits. ...and more More about evoke Were a business that embraces change and progress. The power behind big name brands William Hill, 888 and Mr Green,
evoke
is the new name for 888 Holdings. Marking a new sense of purpose, direction and ambition for the business, there couldnt be a more exciting time to join us as we accelerate our journey to bring even greater delight to our customers with world-class betting and gaming experiences. Thats the future. Thats
evoke . At evoke, youll benefit from flexibility and a culture built on trust. Well give you the space to be yourself and the tools you need to protect our customers while they play. Well invest in your future to help you develop your unique strengths and build a career thats right for you. Apply At evoke, we prioritize diversity, equity, and inclusion for the benefit of our company, employees, and communities. We foster a welcoming and safe workplace that values all forms of diversity and provides opportunities for growth. Sounds good? Then you belong at our place! The first step in the recruitment process is kickstarting your application, followed by an initial screening call and an interview stage. Apply today to kickstart your application with the evokeFamily! Application Just fill in a few details below and well be in touch if youre a match for the position POSITION | Security Engineer | Position ID: A4.850 Privacy Policy The candidate consent that the information in this Candidate Application and any personal information concerning him/her which is obtained by the Company or from other sources, will be held and managed by the Company or on its behalf, and that the Company shall be entitled to use and transfer such information to third parties, including Companys affiliates, business partners or contractors/service providers, in Romania or abroad, to the extent required while maintaining your right to privacy. The Company undertakes that the information will be used, and transferred for the purposes related to the recruitment process, including assessment of your qualifications against our work opportunities, verification and reference/background checks, communications with you about the recruitment process and/or your application and/or compliance with applicable laws, regulations, legal processes or enforceable governmental requests. #J-18808-Ljbffr
Application Security Engineer
to join our cybersecurity team and lead the implementation of secure development practices across the entire software development lifecycle (SDLC). This strategic role is essential to strengthening our security posture and integrating security by design and a shift-left approach within a fast-paced, cloud-native DevSecOps environment. What you will be doing: Application Security Implement and manage
Static Application Security Testing (SAST)
and
Dynamic Application Security Testing (DAST)
to identify vulnerabilities in application code and behavior. Conduct
Software Composition Analysis (SCA)
to detect and manage risks in open-source dependencies. Secure
Infrastructure as Code (IaC)
templates (e.g., Terraform, CloudFormation) and
containerized environments
(e.g., Docker, Kubernetes) through automated scanning and policy enforcement. Implement
API security controls , including authentication, authorization, rate limiting, and
secrets management
to prevent unauthorized access and data leakage. Strengthen the
CI/CD pipeline security
using tools and practices compatible with Azure DevOps, GitLab, GitHub Actions, and Jenkins. Contribute to the configuration and maintenance of
Web Application Firewalls (WAFs)
to protect against web-based threats. Support
Distributed Denial-of-Service (DDoS) mitigation
strategies and
endpoint protection
for critical systems. Enforce and monitor
secure configurations across cloud platforms
including AWS, Azure, and GCP using frameworks such as CIS Benchmarks and native cloud security tools. Partner with developers, DevOps, and infrastructure teams to integrate security throughout the development lifecycle. Provide
technical guidance
on secure coding practices, threat modeling, and cloud architecture design. Automate security controls and promote a
DevSecOps culture
through continuous improvement and knowledge sharing. Job Requirements
Who we are looking for: Core Skills & Experience Strong grasp of
secure development
and
SDLC best practices . Hands-on experience with
SAST ,
SCA ,
DAST , and
container/API security . Familiar with
secrets detection
and
IaC scanning . Proven ability to integrate security into
CI/CD pipelines
(Azure DevOps, GitLab, GitHub, Jenkins). Knowledge of
security principles
across
AWS ,
Azure , and
GCP . Experience with
WAFs ,
endpoint protection , and
security configuration baselines . Exposure to
DLP
and
EDR tools
is a plus. Able to
review code , explain issues, and guide teams on secure fixes. Strong
communication
and ability to
collaborate across technical teams . Comfortable working
independently
and
mentoring others . Nice to Have Degree in
Computer Science ,
Cybersecurity , or related field. Certifications such as
CSSLP, OSWE, CISSP, AZ-500 , etc. Experience with tools like
Checkmarx, Snyk, SonarQube ,
Azure DevOps ,
GitLab CI ,
GitHub Actions , and
Microsoft Security Suite . What we offer: Our roles offer more than just a job, youll become part of the evoke family! We have created an environment where our people can thrive. Check out some of the fantastic benefits on offer: Hybrid working: Our employees can work from home up to 80% of the time with 20% of office time built in to ensure we get some face-to-face collaborative team time - and the chance for a coffee and a catch-up! Holiday entitlement: Youll be entitled to 22 annual leave days, plus bank holidays and an extra day for your birthday. eLearning Family Support: Industry-leading maternity and paternity leave and paid time off if you have caring responsibilities. Health & wellbeing: Tools and services to help support your well-being, including support with mental health and financial education. You will also have access to gym discounts. Healthcare: We prioritize your health and well-being, offering comprehensive healthcare benefits. ...and more More about evoke Were a business that embraces change and progress. The power behind big name brands William Hill, 888 and Mr Green,
evoke
is the new name for 888 Holdings. Marking a new sense of purpose, direction and ambition for the business, there couldnt be a more exciting time to join us as we accelerate our journey to bring even greater delight to our customers with world-class betting and gaming experiences. Thats the future. Thats
evoke . At evoke, youll benefit from flexibility and a culture built on trust. Well give you the space to be yourself and the tools you need to protect our customers while they play. Well invest in your future to help you develop your unique strengths and build a career thats right for you. Apply At evoke, we prioritize diversity, equity, and inclusion for the benefit of our company, employees, and communities. We foster a welcoming and safe workplace that values all forms of diversity and provides opportunities for growth. Sounds good? Then you belong at our place! The first step in the recruitment process is kickstarting your application, followed by an initial screening call and an interview stage. Apply today to kickstart your application with the evokeFamily! Application Just fill in a few details below and well be in touch if youre a match for the position POSITION | Security Engineer | Position ID: A4.850 Privacy Policy The candidate consent that the information in this Candidate Application and any personal information concerning him/her which is obtained by the Company or from other sources, will be held and managed by the Company or on its behalf, and that the Company shall be entitled to use and transfer such information to third parties, including Companys affiliates, business partners or contractors/service providers, in Romania or abroad, to the extent required while maintaining your right to privacy. The Company undertakes that the information will be used, and transferred for the purposes related to the recruitment process, including assessment of your qualifications against our work opportunities, verification and reference/background checks, communications with you about the recruitment process and/or your application and/or compliance with applicable laws, regulations, legal processes or enforceable governmental requests. #J-18808-Ljbffr