Application Security Principal

Location: Hyderabad, Telangana, in

Company Description

Entain India is the engineering and delivery powerhouse for Entain, one of the world’s leading global sports and gaming groups. Established in Hyderabad in 2001, we’ve grown from a small tech hub into a dynamic force, delivering cutting-edge software solutions and support services that power billions of transactions for millions of users worldwide. 

Our focus on quality at scale drives us to create innovative technology that supports Entain’s mission to lead the change in global sports and gaming sector. At Entain India, we make the impossible possible, together.  

Job Description

This role works closely with the development teams to verify that our applications satisfy the defined security criteria, supporting the organization on the secure design of our gaming platform and conducting reviews of the developed applications, while improving the automation of security in our development lifecycle.

Primary Responsibilities:

• Provide technical leadership and guidance on application security best practices, methodologies, and technologies. Serve as a trusted advisor to development teams, architects, and stakeholders, offering insights and recommendations to enhance the security posture of applications.​
   
• Design and review security architectures for applications, ensuring the implementation of effective security controls and countermeasures. Conduct threat modelling exercises to identify potential security risks and vulnerabilities early in the development lifecycle.​
   
• Conduct in-depth security assessments, code reviews, and penetration testing of applications to identify and mitigate security vulnerabilities. Utilise industry-standard tools and methodologies to assess the security posture of applications and provide actionable recommendations for remediation
   
• Develop and implement security tools, scripts, and automation workflows to streamline security testing, monitoring, and compliance activities for applications. Leverage scripting languages and development frameworks to create custom tools tailored to specific security requirements.​
   
• Promote a culture of security awareness among development teams and stakeholders through training sessions, workshops, and knowledge-sharing initiatives.​ Educate personnel on secure coding practices, threat mitigation techniques, and compliance requirements.​
   
• Collaborate closely with development teams, Product, IT operations, project managers, and other stakeholders to integrate security into the software development lifecycle. Provide guidance and support to ensure security considerations are addressed throughout the application development process.​
   
• Proactively identify opportunities for improvement and optimization of security controls, processes, and technologies.​
   
• Stay abreast of emerging threats, vulnerabilities, and security trends in the application security landscape. Conduct research and analysis to evaluate new security technologies, techniques, and methodologies for potential adoption and integration into security practices.​

Occasional Responsibilities:

• Travel to Development centres

Qualifications

Knowledge/Expertise/Qualifications:

The role requires a person with outstanding technical foundations and a development background that has experience in conducting application security assessments and is able to interact with development teams to resolve the identified issues.

Essential

• Software Development Background
• At least three years experience in a similar Information Security position
• Customer-oriented person, with the ability to educate and influence a technical audience on Application Security matters
• Fluent in relevant development languages (Java, C/C++, C#, Perl, PHP, Python …)
• Experience in the following areas:
  • Security Test Management
  • Application Security Assessments
  • Security Assurance
  • Requirements Management
  • Knowledge of major frameworks and support libraries (SPRING, OSGI, ASP.NET, etc.)
  • Agile Development
  • Vulnerability management
  • Continues Improvements
  • Penetration Testing
  • Security Evaluation & Functional Testing
  • Application Security Testing
  • Application Security Testing Automation​
  • Enterprise Software​
  • Data Analysis​
  • Applied Research​
  • Legal & Regulatory Environment and Compliance​
     

Desired

• Open source projects
• Online Gaming security experience
• Regulatory and industry standards work: ISO27001, PCI-DSS, etc.

Relevant professional qualifications will be considered, although not a requirement, e.g. GIAC, CISA, CISM, CISSP, CEH, etc.

Additional Information

We know that signing top players requires a great starting package, and plenty of support to inspire peak performance. Join us, and a competitive salary is just the beginning.

Depending on your role and location, you can expect to receive benefits like:

• Safe home pickup and home drop (Hyderabad Office Only)
• Group Mediclaim policy
• Group Critical Illness policy
• Communication & Relocation allowance
• Annual Health check

And outside of this, you’ll have the chance to turn recognition from leaders and colleagues into amazing prizes. Join a winning team of talented people and be a part of an inclusive and supporting community where everyone is celebrated for being themselves.  

At Entain India, we do what’s right. It’s one of our core values and that’s why we're taking the lead when it comes to creating a diverse, equitable and inclusive future - for our people, and the wider global sports betting and gaming sector. However you identify, across any protected characteristic, our ambition is to ensure our people across the globe feel valued, respected and their individuality celebrated. 

We comply with all applicable recruitment regulations and employment laws in the jurisdictions where we operate, ensuring ethical and compliant hiring practices globally.

Should you need any adjustments or accommodations to the recruitment process, at either application or interview, please contact us.