Senior Security Engineer - Application Security

Posted Yesterday
Hiring Remotely in United States
Remote
Senior level
Digital Media • Gaming • Information Technology • Software • Sports • eSports • Big Data Analytics
The Crown Is Yours
The Role
As a Senior Security Engineer, you will enhance application security across web and mobile platforms, manage the web application firewall, conduct security integration in SDLC, and oversee security operations for cloud infrastructures. You'll also perform vulnerability assessments and collaborate with engineering teams to mitigate threats.
Summary Generated by Built In

We’re defining what it means to build and deliver the most extraordinary sports and entertainment experiences. Our global team is trailblazing new markets, developing cutting-edge products, and shaping the future of responsible gaming.

Here, “impossible” isn’t part of our vocabulary. You’ll face some of the toughest but most rewarding challenges of your career. They’re worth it. Channeling your inner grit will accelerate your growth, help us win as a team, and create unforgettable moments for our customers.

The Crown Is Yours

As a Senior Security Engineer, you'll collaborate closely with Engineering teams to drive and evolve our web application firewall and application security programs. In this role, you'll focus on advancing the security of our web application firewall controls, overseeing comprehensive web and mobile application security, and proactively identifying and mitigating emerging threats. Your work will be instrumental in shaping our security strategies and contributing to the continuous growth and resilience of our technology infrastructure.

What you'll do as a Senior Security Engineer:

  • Integrate security into the SDLC process, conducting SAST, DAST, and Secure Code Reviews throughout all development phases.

  • Manage and enhance security for the CDN and WAF, including DoS/DDoS mitigation, credential-stuffing prevention, and overall cloud security posture improvement.

  • Perform and oversee security reviews for Android and iOS applications, including vulnerability research, reproduction, and remediation.

  • Secure our production workloads, including containers and container orchestration systems like Kubernetes.

  • Participate in periodic off-hours escalation rotations for application security.

What you'll bring

  • At least 5 years of experience in running Application Security program including SAST, DAST, DevOps practices, and integrating security inside CI/CD pipeline.

  • Ability to secure DevOps platforms such as Terraform, Jenkins, Artifactory, Octopus Deploy, and container technologies like Docker, Kubernetes, and their cloud-managed counterparts (AWS EKS, GCP GKE).

  • Experience and knowledge managing CDN, WAF, DDoS, password spraying, and bot prevention technologies (e.g., Akamai botman, Fastly, Cloudflare)

  • Proficient in working with developers to remediate web and mobile application security vulnerabilities on Web, iOS, and Android platforms.

#LI-BF1

Join Our Team

We’re a publicly traded (NASDAQ: DKNG) technology company headquartered in Boston. As a regulated gaming company, you may be required to obtain a gaming license issued by the appropriate state agency as a condition of employment. Don’t worry, we’ll guide you through the process if this is relevant to your role.

The US base salary range for this full-time position is 104,000.00 USD - 130,000.00 USD, plus bonus, equity, and benefits as applicable. Our salary ranges are determined by role, level, and location. The compensation information displayed on each job posting reflects the range for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range and how that was determined during the hiring process. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Top Skills

Java
Python

What the Team is Saying

Nir
Nate
Sarah
Ivett
Mincho
Kalina
Graham
Michelle
The Company
HQ: Boston, MA
5,300 Employees
Hybrid Workplace
Year Founded: 2012

What We Do

It's simple, at DraftKings, we believe life is more fun when you're in on the action. For that reason, we’re committed to responsibly creating the world’s favorite games and betting experiences. We’re developing the most innovative and entertaining real money products and offers; to forever transform how people experience sports; to be a fully vertically integrated sports betting operator. It's our ultimate goal to build the best, most trusted, and most customer-centric destination for our players.

We’re defining what it means to build and deliver the most extraordinary sports and entertainment experiences. Our global team is trailblazing new markets, developing cutting-edge products, and shaping the future of responsible gaming.

Why Work With Us

Here, “impossible” isn’t part of our vocabulary. You’ll face some of the toughest but most rewarding challenges of your career. They’re worth it. Channeling your inner grit will accelerate your growth, help us win as a team, and create unforgettable moments for our customers. Ready to own what’s next?

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

DraftKings Teams

Team
The Offense Driving Innovation
Team
Engineering
Team
Product
About our Teams

DraftKings Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: Not Specified
HQBoston, MA
BG
US
Dublin, D02 N279
Hoboken, NJ
Houston, TX
Las Vegas, NV
London, GB
New York, NY
Sofia, BG
Tel Aviv-Yafo, IL
Learn more

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account