Security Engineer

We are seeking a highly qualified and experienced Application Security Engineer to join our cybersecurity team and lead the implementation of secure development practices across the entire software development lifecycle (SDLC). This strategic role is essential to strengthening our security posture and integrating security by design and a shift-left approach within a fast-paced, cloud-native DevSecOps environment.What you will be doing:Application SecurityImplement and manage Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) to identify vulnerabilities in application code and behavior.Conduct Software Composition Analysis (SCA) to detect and manage risks in open-source dependencies.Secure Infrastructure as Code (IaC) templates (e.g., Terraform, CloudFormation) and containerized environments (e.g., Docker, Kubernetes) through automated scanning and policy enforcement.Implement API security controls, including authentication, authorization, rate limiting, and secrets management to prevent unauthorized access and data leakage.Strengthen the CI/CD pipeline security using tools and practices compatible with Azure DevOps, GitLab, GitHub Actions, and Jenkins.Contribute to the configuration and maintenance of Web Application Firewalls (WAFs) to protect against web-based threats.Support Distributed Denial-of-Service (DDoS) mitigation strategies and endpoint protection for critical systems.Enforce and monitor secure configurations across cloud platforms including AWS, Azure, and GCP using frameworks such as CIS Benchmarks and native cloud security tools.Partner with developers, DevOps, and infrastructure teams to integrate security throughout the development lifecycle.Provide technical guidance on secure coding practices, threat modeling, and cloud architecture design.Automate security controls and promote a DevSecOps culture through continuous improvement and knowledge sharing.Job RequirementsWho we are looking for:Core Skills & ExperienceStrong grasp of secure development and SDLC best practices.Hands-on experience with SAST, SCA, DAST, and container/API security.Familiar with secrets detection and IaC scanning.Proven ability to integrate security into CI/CD pipelines (Azure DevOps, GitLab, GitHub, Jenkins).Knowledge of security principles across AWS, Azure, and GCP.Experience with WAFs, endpoint protection, and security configuration baselines.Exposure to DLP and EDR tools is a plus.Able to review code, explain issues, and guide teams on secure fixes.Strong communication and ability to collaborate across technical fortable working independently and mentoring others.Nice to HaveDegree in Computer Science, Cybersecurity, or related field.Certifications such as CSSLP, OSWE, CISSP, AZ-500, etc.Experience with tools like Checkmarx, Snyk, SonarQube, Azure DevOps, GitLab CI, GitHub Actions, and Microsoft Security Suite.What we offer:Our roles offer more than just a job, you’ll become part of the evoke family! We have created an environment where our people can thrive. Check out some of the fantastic benefits on offer:Hybrid working:Our employees can work from home up to 80% of the time with 20% of office time built in to ensure we get some face-to-face collaborative team time - and the chance for a coffee and a catch-up!Holiday entitlement:You’ll be entitled to 22 annual leave days, plus bank holidays and an extra day for your birthday.eLearningFamily Support:Industry-leading maternity and paternity leave and paid time off if you have caring responsibilities.Health & wellbeing:Tools and services to help support your well-being, including support with mental health and financial education. You will also have access to gym discounts.Healthcare:We prioritize your health and well-being, offering comprehensive healthcare benefits....and moreMore about evokeWe’re a business that embraces change and progress. The power behind big name brands William Hill, 888 and Mr Green, evoke is the new name for 888 Holdings. Marking a new sense of purpose, direction and ambition for the business, there couldn’t be a more exciting time to join us as we accelerate our journey to bring even greater delight to our customers with world-class betting and gaming experiences. That’s the future. That’s evoke.At evoke, you’ll benefit from flexibility and a culture built on trust. We’ll give you the space to be yourself and the tools you need to protect our customers while they play. We’ll invest in your future to help you develop your unique strengths and build a career that’s right for you.ApplyAt evoke, we prioritize diversity, equity, and inclusion for the benefit of our company, employees, and communities. We foster a welcoming and safe workplace that values all forms of diversity and provides opportunities for growth.Sounds good? Then you belong at our place! The first step in the recruitment process is kickstarting your application, followed by an initial screening call and an interview stage.Apply today to kickstart your application with the evokeFamily!ApplicationJust fill in a few details below and we’ll be in touch if you’re a match for the positionPOSITION | Security Engineer | Position ID: A4.850Privacy PolicyThe candidate consent that the information in this Candidate Application and any personal information concerning him/her which is obtained by the Company or from other sources, will be held and managed by the Company or on its behalf, and that the Company shall be entitled to use and transfer such information to third parties, including Company’s affiliates, business partners or contractors/service providers, in Romania or abroad, to the extent required while maintaining your right to privacy. The Company undertakes that the information will be used, and transferred for the purposes related to the recruitment process, including assessment of your qualifications against our work opportunities, verification and reference/background checks, communications with you about the recruitment process and/or your application and/or compliance with applicable laws, regulations, legal processes or enforceable governmental requests. #J-18808-Ljbffr

Created: 2025-09-17