Senior Application Security Specialist

Richmond Hill, Toronto, Canada IT Permanent

The role: Senior application security specialist

We are looking for senior application security specialist to join our busy and dynamic team based in our Richmond Hill, Toronto Office.

Why we need you: –

You will be creating and improving an application-level security framework and capability to harden our online services and prevent cyber-attacks.  You will work with our development teams to ensure what we build is secure and protects our players and systems from risk.

Who are we looking for: –

You will be assessing and then implementing a suitable application-level security framework to harden our online services and prevent cyber-attacks. With this, you’ll be researching, designing and implementing the means to mitigate software security risks. Extensive work experience in the field of information/software security, and extensive knowledge and deep understanding of software weaknesses (CWE, OWASP) is essential.

You’ll have proven experience working with C++ as well as a solid knowledge of cryptography and networking protocols as you’ll be executing code scans using specialized tools, complemented by selective manual review as well as maintaining and configuring code scanning tools. A keen interest in security and a strong desire to learn new technologies is important as is expert knowledge with static code analysis tools such as Lint and Clang

We are fully staked in ensuring that security is baked into our software delivery processes. As we transition into an agile delivery methodology  the ideal candidate will drive a devsecops approach to ensure that key security controls are hard wired into our software delivery pipelines.  Experience with the OWASP Top 10 and secure web development methodologies is also a must. Knowledge of commercial and open source tools such as Checkmarx and Burpsuite is desirable.

A recognised university qualification in Computer Science or equivalent experience is essential as is knowledge of JavaScript (or at least one scripting language such as PHP, Perl and Python). You’ll be leading implementation and continuous improvement of application level security framework as well as educating the development teams on application security aspects and best practices.

A strong knowledge of web security and Window’s internals is important as you’ll be interfacing with external SMEs on cyber security as well as keeping up with latest developments in software security.

The ideal candidate will build this capability from the ground up and it will also eventually involve the leadership of a small team, so candidates with leadership experience will be preferred

As the ideal candidate, you will have: –

All of the above! We know it’s a long list, so do tick off what you think you have exposure to, if it’s most – you’re in with a strong chance! If you have additional skills in machine learning techniques and knowledge of compiler technologies, we’ll be keen to get you to sign on the dotted line!

What’s in it for you?

The salary for this job is based on experience, so whilst we are not able to go into detail at this stage, we can say that we offer great salary packages and a discretionary annual performance bonus.

We offer health and dental insurance for you, your partner and your children (if you all live at the same address). In addition, you can join our company pension scheme. If you have a baby whilst you work for us, we will give you 1900 CAD as congratulations.

Our in-house training and development team deliver fantastic support to develop your skills and support you in progressing your career.

Lunch is on us and there is free fresh fruit, snacks, drinks in the office.

What happens next?

We will aim to get back to you as soon as possible. If you meet the criteria, then we’ll invite you to a phone interview and if that goes well we’ll meet you for a face-to-face interview

The Group

As part of Flutter Entertainment PLC, The Stars Group is the ultimate owner of industry leading gaming brands such as PokerStars, PokerStars Casino, BetStars, Full Tilt, and the PokerStars Live brands, and through its ownership of Sky Betting & Gaming, a mobile-led leading online gaming operator, licenses the Sky Bet, Sky Vegas, Sky Casino, Sky Bingo and Sky Poker online gaming brands. Collectively, these and other brands of The Stars Group have millions of registered customers globally, forming one of the world’s largest publicly listed online gaming companies.  This role is in the Group’s Toronto (Richmond Hill) service office in the Application Security department.