
Application Security Engineer

Warszawa
Security

PIN-UP Global is an international holding specializing in the development and implementation of advanced technologies, B2B solutions and innovative products for the iGaming industry. We provide certification and licensing of our products, providing customers and partners of the holding with high-quality and reliable solutions.

Requirements:

  • 2+ years in cybersecurity or software development.
  • Experience with SAST/DAST/IAST tools (e.g., Semgrep, Snyk, Burp, OWASP ZAP).
  • Knowledge of secure development practices (OWASP Top 10, CWE/SANS Top 25).
  • Experience implementing Quality Gate in CI/CD.
  • Understanding of web applications and API architecture (web-GRPC, REST, Ajax).
  • Knowledge of security standards: ISO 27001, SOC 2, NIST, PCI-DSS.
  • Basic understanding of containers (Docker, Kubernetes).
  • Programming Languages: Python, Go, JavaScript, Bash for code review and scripting.

Certifications (optional): eWPT, OSWE, CEH, GWEB.

Soft skills:

  • Strong communication skills: collaborating with developers, DevOps, and security teams.
  • Critical thinking: analyzing and prioritizing risks.
  • Attention to detail when reviewing code.
  • Proactive approach: suggesting process improvements.
  • Willingness to learn: quickly adapting to new tools and challenges.
  • Ability to manage multiple tasks simultaneously.

Responsibilities: 

Application Security Analysis:

• Implement and maintain SAST/DAST tools.

• Conduct threat modeling for new features.

• Perform source code analysis for vulnerabilities.

• Ensure secure API implementations.

DevSecOps Processes:

• Set up security gates in GitLab CI/CD.

• Scan dependencies (Grype, Trivy).

• Validate Helm charts for security issues.

Vulnerability Management:

• Track vulnerabilities using DefectDojo.

• Prioritize and assign remediation tasks.

• Monitor vulnerability resolution.

Training and Documentation:

• Conduct secure coding workshops.

• Develop guidelines and checklists.

Our Stack:

  • SAST: e.g., Semgrep, Gitleaks, Checkov.
  • SCA: e.g., Grype, Trivy, Snyk.
  • CI/CD: GitLab CI.
  • Containers: Docker, basic Kubernetes knowledge.
  • API: e.g., Postman
  • Vulnerability Management: DefectDojo, Jira.
  • Languages: Python, Bash, Go, JavaScript

Benefits:

☘️An exciting and challenging job in a fast-growing product holding, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and other

🤝Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed

🧑‍💻Modern corporate equipment based on macOS or Windows and additional equipment are provided

🏖Paid vacations, sick leave, personal events days, days off

💵Referral program — enjoy cooperation with your colleagues and get the bonus

📚Educational programs: regular internal training, compensation for external education, attendance of specialized global conferences

🎯Rewards program for mentoring and coaching colleagues

🗣Free internal English courses

🦄Multiple internal activities: online platform for employees with quests, gamification and presents for collecting bonuses, PIN-UP team clubs for movie / book / pets lovers, etc

🎳Other benefits could be added based on your location

PIN-UP Global
Product
100 - 300
Industry
Gambling
Founded
2016
