Find a job

Application Security Testing Engineer - 2557


Application Security Testing Engineer

  • Primary Location:
    Cluj - Napoca, Porto
  • Contract Type:
  • Employment Basis:

Flexible benefits of your choice

Learning and development opportunities

25 days annual leave

Customized wellbeing programs

Extended health and travel insurances

Top trending technologies

Share this page
Share with linkedin
Share with facebook
Share with twitter
Share with email

The Paddy Power Betfair Cyber Security Team is a wide security team, with +60 people, covering a large spectrum of security areas of expertise. Its goal is to provide and ensure that proper security controls are protecting against risk across all businesses within the group. The successful candidate will be part of the Application Security Testing Team and will have the opportunity to use technical skills and knowledge to identify new vulnerabilities and contribute to PPB overall security posture.

The Application Security Tester acts as an enabler for the wider Security Team, and aims to ensure the adoption of Application Security practices, detection of security vulnerabilities and mitigations are acted upon the project lifecycle.

You'll be performing penetration testing for internal components and third-party applications that are used by the company. The overall scope will be mainly web applications.

The role involves a collaborative approach in the engagement phase, where you'll be gathering all required information for the pentest and clearly defining the scope with the stake holders. It also includes close collaboration with development and infrastructure teams, not only to ensure that the identified vulnerabilities are validated and understood, but also to test the provided patches against other attack vectors.


In sum, you'll be leading web applications security assessments, including the engagement phase, code review, penetration test, vulnerability reporting&tracking, patching recommendation and support.


What We're Looking For…

  • Experience and technical skills to test and review code of applications developed internally and externally, in line with application security best practices, by tracing the execution flow through an application and identifying possible security vulnerabilities or areas of weakness;
  • Motivation and soft skills to proactively unblock pentest requirements, engaging with different stakeholders (technical and non-technical) including developers, product owners and managers;
  • Experience and ability to elaborate self-explanatory penetration testing reports, with high quality level, capable of being clearly understood by teams that don't have security knowledge;
  • Wide security knowledge to provide recommendations to the development teams on how to fix/mitigate a security vulnerability on applications and systems;
  • Motivation and proactivity to lead security awareness/training initiates delivered by AppSec for developers, namely organizing CTFs and Show&Tells;
  • Motivation and proactivity to keep up with the latest offensive techniques, promoting self-improvement of soft and technical skills.

We'd love to see…

  • Good written and verbal communication skills;
  • A team player, who strives to maximize team and departmental performance;
  • Resolves and/or escalates issues in a timely fashion;
  • Knowledge sharing and interest in expanding other team members security skills and mindset;
  • Capability to focus and work without supervision.


Ways of working:

Flexible working is our way of working! We're a diverse workforce and therefore a 'one size fits all' approach isn't necessarily best. Whatever your personal needs may be, let's have a chat and see how we can accommodate them;
We thank all applicants for their interest, however only the suitable candidates will be contacted for an interview.

By submitting your application online, you agree that: your details will be used to progress your application for employment. If your application is successful, your details will be used to administer your personnel record.If your application is unsuccessful, we will retain your details for a period no longer than two years, in order to consider you for prospective Paddy Power Betfair role.

Close map
Blvd. 21 Decembrie 1989, no. 77, The Office building, Betfair Romania Development, Entrance A, 4th Floor, Cluj, Romania, 400124

This is who we are

Betfair Romania Development is the development powerhouse behind the FTSE 100 company Flutter Entertainment, located in Cluj-Napoca, Romania, since 2009.

We’re the employer of choice for over 900 highly skilled people in a wide range of Programming Languages, Information Security & Governance, Product & Program Management and Sports Operations.

We support an agile environment where bold ideas meet online innovation as the teams deliver excellence worldwide through 7 main project streams: Gaming, Customer Management, Infrastructure, Security, Data Warehouse, Marketing, and Risk & Trading.


We’re an international family of the talented and the brave. If you’re tired of business as usual and want to create something new, you’ll love it here. Quick-thinking, adaptable and disruptive, we believe the future is what you make it. Think Betfair. Experience Different.

This is your Challenge

We are part of Flutter Entertainment, a global sports betting, gaming and entertainment provider for over thirteen million customers worldwide.

Established in 2019, Flutter merged with The Stars Group in 2020. As the parent company Flutter Entertainment now has a host of brands that sit under it including Paddy Power and Betfair (PPB), Sky Betting and Gaming, PokerStars, Full Tilt Timeform, oddchecker, Sporting Life, SportsBet, Bet Easy in Australia, FOX Bet, TVG and FanDuel in the US.

Across the globe, Flutter employs over 14,000 people across more than 40 offices and over 600 retail sites. We pride ourselves on being a responsible operator, committed to making a positive contribution to the communities we operate within.