Senior Penetration Tester

Company Description At bet365, we're one of the world's leading online gambling companies, revolutionising the industry since 2000. Founded by Denise Coates CBE, we now employ over 9,000 people and serve over 100 million customers in 27 languages. Our focus on In‑Play betting has solidified our market‑leading position, offering an unmatched experience across 96 sports and 700,000 streaming events. With over 750 concurrent sporting fixtures at peak and more live sports streamed than anyone else in Europe, we handle over 6 billion HTTP requests daily and process more than 2 million bets per hour at peak. We empower our employees to push boundaries and explore new ideas, cultivating a culture that celebrates and rewards creativity. This offers employees a wealth of opportunities for growth, giving them the opportunity to make a real impact in the world of online gambling. As a forward‑thinking company, we’re breaking new ground in software innovation too, redefining what’s possible for our customers worldwide. Job Description As a Senior Penetration Tester, you will focus on securing the Company’s applications through best practice development lifecycle controls and perform penetration tests to assess the effectiveness of security measures. The Information Security department deals with the security of closed‑source, open‑source and proprietary applications. The team ensures applications are developed and implemented in a secure manner, as well as being responsible for identifying and remediating risks efficiently through penetration testing. Utilising your knowledge of Secure Development Lifecycles and code assessment, you will work with the Software Development teams to understand and mitigate application‑based vulnerabilities. This role is based within the wider Information Security department, with engineers and analysts of varying backgrounds. Collectively, the team utilises enterprise and bespoke tooling to identify, mitigate threats, and safeguard the Business. We utilise AI to enhance our existing security processes and practices, embracing the advantages it brings. You will play a key role in our journey to leverage this powerful technology in strengthening our application security. This role is eligible for inclusion in the Company’s hybrid working from home policy. Qualifications Excellent understanding and practical experience with manual security testing to find vulnerabilities and logical issues, in either web applications or infrastructure. Strong understanding of and demonstrable experience with automated, dynamic and static application security testing tools. Knowledge and understanding of Open Web Application Security Project (OWASP) and its utilisation within threat modelling. Experience of software development and languages. Working knowledge of CI/CD pipelines and security tooling associated with them. Demonstrative experience in using structured methodologies for conducting and reporting on web application penetration testing. Excellent documentation skills. Strong communication skills. Additional Information Taking a lead role in the project process to ensure that information security aspects are considered up front and throughout the project lifecycle. Contributing to and continuously improve our penetration testing and red teaming methodologies. Performing dynamic and static security testing of our applications and infrastructure. Performing security code reviews and providing help with remediation. Partnering with software development teams to ensure security is considered throughout the development lifecycle. Contributing to and continuously improve the Company’s supply chain assurance processes identifying flaws and vulnerabilities. Performing advanced risk assessments, threat modelling and design reviews to ensure effective security controls are in place. Identifying opportunities for converting manual tasks into automated processes and identify tooling to support such automation. Providing support to technical leads and mentor junior members of the team. By applying to us you are agreeing to share your Personal Data in accordance with our Recruitment Privacy Notice - https://www.bet365careers.com/privacy-policy At bet365, we're committed to creating an environment where everyone feels welcome, respected and valued. Where all individuals can grow and develop, regardless of their background. We're Never Ordinary, and we're always striving to be better. If you need any adjustments or accommodations to the recruitment process, at either application or interview, please don’t hesitate to reach out. Seniority level: Mid‑Senior level Employment type: Full‑time Job function: Information Technology Industries: Software Development #J-18808-Ljbffr