Senior Frontend Engineer (Application Security)

At Easygo, our DevSecOps team is at the heart of our engineering, security and operations, creating the robust, high-performance and secure GitOps based Application Security and DevOps experience that underpins both our global casino games and sportsbook offerings. The exciting thing about this team is that it impacts every single Stake customer and is felt directly by every engineer across all feature development squads on the Stake platform. As a dedicated developer experience team, we tackle complex technical challenges with innovation and precision, ensuring the foundational systems are secure, robust, scalable, and empower all product development teams.

Key Responsibilities:

• Lead by example, and drive the adoption of secure software development lifecycle (SSDLC) practices. This includes performing threat modelling, providing secure coding guidance to development teams, and embedding security requirements early in the design phase.
• Own, improve, execute and manage various security tests, including SAST, DAST, and SCA, to identify vulnerabilities. Analyse test results and prioritise findings. Fix what you find, and work with developers to ensure timely remediation.
• Implement and maintain automated security controls within the CI/CD pipeline. This involves integrating security tools to enable continuous security testing and monitoring, making security an integral part of the DevSecOps process.
• Deploy and configure Web Application Firewalls (WAFs) and Runtime Application Self-Protection (RASP) solutions to protect from real-time attacks. Respond to urgent application security incidents as needed.
• Take ownership of the platform vulnerability management program. This involves tracking, prioritising, and remediation of security flaws found in applications, ensuring all vulnerabilities are addressed and verified.
• Actively engage in hands-on coding, testing, debugging, and troubleshooting to ensure code quality, scalability, and maintainability.
• Write efficient, scalable, and maintainable code, adhering to coding standards and best practices.
• Innovate within the team by pushing for improvements and driving constructive changes to enhance team performance and efficiency.
• Analyze complex problems and provide effective solutions, contributing to team goals and initiatives.
• Lead and independently complete medium-sized projects or initiatives from start to finish.
• Share application security knowledge and best practices with the team, fostering a collaborative and learning-oriented environment.
• Mentor software engineers across the organisation in security engineering practices.
• Collaborate with stakeholders, product managers, and engineering teams to effectively communicate technical concepts.

Minimum Qualifications: 

• Bachelor's/Master's degree in Computer Science or equivalent practical experience.
• 7+ years of hands-on experience in software engineering, with a primary focus on security engineering.

Strong understanding of code architecture and design principles.

• Excellent problem-solving skills and the ability to thrive in a fast-paced, dynamic environment.
• Strong communication skills for effective collaboration with teams and stakeholders.
• Analytical mindset to address complex technical challenges and devise innovative solutions.
• Positive attitude and eagerness to learn new technologies to grow as a security engineer.

Preferred Qualifications:

• Proven hands-on experience or certifications with a range of security tools, including SAST, DAST, and SCA tools e.g. Checkmarx, Veracode, Burp Suite, OWASP ZAP, WAFs and RASP Solutions, Penetration testing frameworks.
• AWS Certifications, such as Security Speciality highly desired.
• Experience with Typescript, Node.js, Kubernetes, Docker, AWS, Cloudflare, Datadog and related technologies.
• Experience with CI/CD tools (e.g. AWS Code Pipeline, Github Actions) for automating the deployment process.

Some of the perks of joining us:

• Championing Application Security excellence to secure our world leading global scale software product.
• Work alongside the top 5% of engineering talent in Australia using a vast technology stack: AWS, Github Actions, Typescript, Svelte, Cloudflare, Datadog, Nodejs and NATS.io. 
• Unique exposure to high throughput products which are consuming requests at thousands per second frequency (2 billion requests daily).
• Access to over 9,000 courses across our Learning and Development Platform 
• EAP access for you and your family
• Be rewarded with lucrative annual bonuses
• Give back with a paid volunteer day
• Fuel your day with daily breakfast and open pantries brimming with unlimited snacks and refreshments, all on the house
• Break up the week with on site remedial massage Wednesdays
• In house full-time barista’s providing you your daily coffee needs
• Weekly team lunches and happy hour in the office from 4pm on Fridays
• Enjoy a bustling office with the option for up to 2 days work from home per week
• Fun office environment with pool tables, table tennis and all your favourite gaming consoles

We believe that the unique contributions of everyone at Easygo are the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. We are passionate about providing a workplace that encourages great participation and an equal playing field, where merit and accomplishment are the only criteria for success.