Application Security Architect

ARRISE sets the benchmark for service delivery and excellence in the iGaming industry. Playing a key role in the success of its clients, which include Pragmatic Play, a brand relied upon by the world’s biggest online casinos for its cutting-edge products, ARRISE helps to deliver exceptional gaming experiences to millions of players worldwide.

Our global team of over 10,000 talented and driven professionals are shaping the future of iGaming. Headquartered in Gibraltar, we have offices spanning Canada, India, the Isle of Man, Latvia, Malta, Romania, Serbia, Bulgaria, and the UAE, and more exciting destinations on the horizon.

At ARRISE, we take pride in creating growth opportunities at all levels, constantly investing in our people while welcoming new colleagues and forging strategic partnerships that open new opportunities for success.

To achieve this, we bet on ourselves. We know that success is a collective effort, and our team is driven by ambition, collaboration, and a shared commitment to grow and succeed — while embracing every step of the journey.

Please note, relocation support is not provided for this role.

We are seeking a seasoned Senior Application Security Architect to lead and shape the secure architecture of our software products and platforms. This role spans on-prem, hybrid, and cloud (SaaS) environments. Leading the development and implementation of application security architecture, embedding security into our SDLC, and delivering 'secure-by-design' solutions that align with business goals, regulatory obligations, and modern threat landscapes.

• Define and mature the application security architecture strategy, standards, paved roads and guardrails across product teams and platforms.
• Lead threat modeling and architecture review processes for new and evolving systems, including web, API, microservices, cloud-native, containerized, and hybrid deployments.
• Oversee secure design reviews, code reviews (manual and tool-based), and vulnerability/weakness assessments across development teams.
• Embed security into the SDLC: partner with DevOps, development, platform, and operations teams to integrate security testing tools such as ASPM, API Security, WAF, etc.
• Develop reusable secure components, reference architectures, and 'paved roads' that accelerate secure development and maintain consistency.
• Monitor and report on application security posture, metrics (e.g., vulnerability trends, mean time to remediation, code coverage) and drive continuous improvement.

• 8–10+ years of experience in application security, secure software development, or security architecture roles.
• Demonstrated experience designing secure architectures across cloud-native, hybrid, and/or on-prem environments.
• Strong programming or code experience in languages such as Java, React, JavaScript
• Familiarity with application security frameworks and maturity models (SAMM, BSIMM)
• Experience integrating application security into CI/CD pipelines and DevOps workflows
• Excellent communication skills, with the ability to translate complex security concepts to both technical and non-technical stakeholders.

Nice-to-Have:

• Experience in gaming, fintech, regulated industries (iGaming, payments), or large-scale SaaS platforms
• Experience building developer enablement programs such as secure coding training or champions program