Senior Security Engineer - Application Security

We're defining what it means to build and deliver the most extraordinary sports and entertainment experiences. Our global team is trailblazing new markets, developing cutting-edge products, and shaping the future of responsible gaming.
Here, "impossible" isn't part of our vocabulary. You'll face some of the toughest but most rewarding challenges of your career. They're worth it. Channeling your inner grit will accelerate your growth, help us win as a team, and create unforgettable moments for our customers.
The Crown Is Yours
Are you passionate about building secure, scalable, and innovative systems in a complex environment? We're seeking a Senior Security Engineer to join our growing product security team that ensures our market-leading products remain secure, trusted, and resilient.
You'll work closely with software engineers, SREs, security leadership, fraud and abuse operations, and cross-functional teams to perform code reviews, influence architecture, and establish design patterns. Technical work will vary from vulnerability analysis to automating bug finding, assessing entitlement abuse in identity systems, building anti-fraud mechanisms in mobile applications, threat modeling apps in physical and cloud environments, and beyond.
The team you're joining is cross-disciplinary, driven, supportive, and global. Each member brings unique, respected perspectives whether they just joined or were founding team members.
If you're excited about the challenge of growing a modern program that tackles classes of vulnerabilities, builds paved roads, and considers the human element in the context of a complex organization and technical environment, we want to hear from you.
What you'll do as a Senior Security Engineer

• Work on applications running across cloud and on-prem servers, Kubernetes, CI/CD build systems, web and mobile clients, and global traffic management.
• Operationalize a methodology to analyze the quality of products and systems, holistically improving resiliency and quality across the herd.
• Perform detailed security assessments, architectural reviews, and threat modeling for complex applications and systems, deciding when you need to mitigate with the team versus guiding them.
• Design and implement custom security tools, focusing on both platform-specific and general application security testing needs.

• Manage and enhance security for inbound traffic, working with our providers to mitigate varieties of Denial of Service, account takeover (ATO), and botnet traffic.
• Participate in periodic off-hours escalation rotations with the rest of the team (all seniorities).

What you'll bring

• 5+ years experience in product and application security, ideally in global technology organizations with thousands of engineers.
• Knowledge of different technical environments with strong depth in at least one domain like microservices, mobile applications, or web browsers and APIs.
• Track record of conducting technical security assessments, including binary analysis, runtime manipulation, and implementing effective security measures.
• Comfort reading and analyzing C-style languages like Java and C#, with proficiency in languages like Python, Go, and Rust for security tooling.
• Ability to effectively communicate complex security concepts to diverse stakeholders and deliver clear, actionable recommendations.

#LI-BF1
Join Our Team
We're a publicly traded (NASDAQ: DKNG) technology company headquartered in Boston. As a regulated gaming company, you may be required to obtain a gaming license issued by the appropriate state agency as a condition of employment. Don't worry, we'll guide you through the process if this is relevant to your role.
The US base salary range for this full-time position is 110,200.00 USD - 137,800.00 USD, plus bonus, equity, and benefits as applicable. Our ranges are determined by role, level, and location. The compensation information displayed on each job posting reflects the range for new hire pay rates for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific pay range and how that was determined during the hiring process. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.