Vacancy Type:
23 (Entain)
About The Role

We’re looking for an Application Security Engineer to join us in Sofia on a permanent basis. This role works closely with the development and operations teams to design, implement, rollout and support the operation of security controls at the application layer. This role detects new security needs, evaluates the best controls to integrate in the application, develops and tests proof of concept, supports the engineering implementation and the rollout as required.

The role requires a passionate application security engineer with a hands-on development background, a person to create and develop security controls not just to use pre-existing tools.

The role has a need to work closely with members of the Development and DevOps organisations to identify new application controls, implement proof of concept and support development, rollout and operation – people skills and conflict resolution soft skills are a must.

Primary responsibilities include:

  • Identify gaps in our application security controls, research and propose designs to resolve the gaps and support the implementation of the controls, for instance MFA, user behaviour analysis, denial of service prevention, etc.
  • Design and implement software that addresses the identified security gaps
  • Support the operation of application-level security controls, for instance web application firewalls, bot detection frameworks, etc.
  • Develop tools to improve the security of our applications
  • Incorporate design solution in Development, DevOps and Architectural best practices.
  • Design processes to improve secure development and testing, then coach and train developers and DevOps management on them. 
  • Design, test and improve security architecture of our Products.
  • Execute projects to implement the group Application Security strategy
  • Support the investigation of incidents relating to gaming platform anomalies, weaknesses and game integrity compromises
Occasional responsibilities:
  • Conduct application-level penetration testing and independent reviews of source code repositories.
  • Travel to Development centres


The role requires a person with outstanding technical foundations and a development background that has experience in designing and implementing application security controls, able to have a peer relationship with engineers and architects. 



  • Software engineering background, please share with us your publicly available work
  • At least three years of experience in a similar Information Security position
  • Design and development of security tools
  • Vulnerability research
  • Customer-oriented person, with the ability to educate and influence a technical audience on Application Security matters
  • Fluent in relevant development languages (Java, C/C++, Perl, PHP, .NET…)
  • Experience in the following areas:
    • Security design reviews
    • Knowledge of major frameworks and support libraries (SPRING, OSGI, ASP.NET, etc.)
    • Web-Application Firewalls (WAF)
    • Multi-factor authentication
    • Bot detection  


  • Open source projects
  • Online Gaming security experience
  • Regulatory and industry standards work: ISO27001, PCI-DSS, etc.
  • Experience in DevOps
  • Agile Development 

Relevant professional qualifications will be considered, although not a requirement, e.g. GIAC, CISA, CISM, CISSP, OSCP, CEH, etc

With the capacity to display initiative as part of a very strong Information Security team, this position plays a key role in protecting the security of our customers and systems from known and unknown threats. 

Employee benefits:
  • Competitive remuneration package; 
  • 25 days annual leave;
  • Social benefits: personal health insurance, dental allowance, sport activities, food vouchers;
  • Opportunity to join a team of great professionals;
  • Dynamic and friendly work environment;
  • Team building activities.
Ready to get involved? Bring your energy to GVC and you’ll be in the mix from the start. For the good of entertainment. Apply now!



About The Company

We’re Entain. Our vision is to be the world leader in sports betting and gaming entertainment by creating the most exciting and trusted experiences for our customers, revolutionising the gambling space as we go. We’re experts in safer gambling and the company that is at the forefront of responsibility.

Combining technology and entertainment to create products that push the boundaries, Entain is home to a global family of more than 25 well-known brands – names such as bwin, Ladbrokes, Coral, Gala, Betdaq, and many more. With a focus on sustainability and growth, we will transform our sector for our players, for ourselves and for the good of entertainment.

Diversity and inclusion at Entain

As a global employer, Entain is committed to providing a safe, fun, and inclusive culture where our people feel like they truly belong. We are a multicultural business that values, celebrates and respects individual differences, so whatever your sexuality, gender, gender identity, ability, age, race, religion or belief, you will have a voice here, and the space to do your best work. Our diverse internal networks provide the support for you to express your views and make a positive difference, all for the good of entertainment.

Our Culture As real as it gets

At Entain we're a diverse team, sharing a commitment to quality and success.

Whether you're playing a key role in your local community as part of our retail team, or working out the next big gaming trends in our digital team, you'll enjoy a culture and benefits package that we're extremely proud of.