Full-Time

Senior Application Security Engineer

Posted on 2/6/2024

theScore

theScore

501-1,000 employees

Sports scores, news, and betting app

Consumer Software

Senior

Toronto, ON, Canada

Required Skills
Python
AWS
Google Cloud Platform
Requirements
  • 3+ years of Application Security or DevSecOps experience
  • 2+ years of GCP or AWS experience
  • Experience with software supply chain security (SBOMs, Artifact Signing, Attestations)
  • Programming experience in Python or Go
  • Experience with implementing security tooling in CI/CD
  • Experience supporting RESTful APIs and securing containerized workloads (GKE, EKS)
  • Experience working in regulated environments (PCI-DSS, SOC 2, etc)
Responsibilities
  • Collaborate with release and change management, SRE, Engineering, and compliance teams
  • Work with security/internal/external/state auditors to demonstrate compliance
  • Maintain a working knowledge of OWASP top 10 and MITRE top 25 CWE
  • Develop standards for security tooling focused on the application layer (SAST, DAST, SCA, MAST, RASP)
  • Build/implement secure artifact workflows in the SDLC to ensure governance and compliance standards are being met
  • Create technical approaches to implementing Application Security control technologies
  • Contribute to theScore’s Application Security program to support our continued growth
  • Define and report on security metrics, their delivery, and improvements
  • Work with service teams to conduct threat models of theScore’s internal and customer facing applications
  • Assist service teams in understanding and remediating security findings (code bashing)
  • Other duties as required.

theScore, a subsidiary of PENN Entertainment, offers a popular media app providing personalized live scores, news, stats, and betting information for sports fans, along with a sports betting app delivering a mobile betting and iCasino experience. The company utilizes mobile app development and digital content distribution technologies to create and distribute digital content through web, social, and esports platforms.

Company Stage

M&A

Total Funding

$268.1M

Headquarters

Toronto, Canada

Founded

2012

Growth & Insights
Headcount

6 month growth

21%

1 year growth

32%

2 year growth

79%
INACTIVE