Job Description

Casumo is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Join us at Casumo, where you are invited to be your authentic YOU-MO!

Welcome to Casumo, your passport to a world of fun, excitement, and responsible gaming. We're an international online casino company with a knack for creating unforgettable gaming experiences. Our secret sauce? A blend of innovation, security, and a dash of playful charm.
Nowadays, we're on the hunt for a hands-on and security-focused Information Security Engineer!

At Casumo, we’re building a secure, scalable, and forward-thinking digital environment - and we’re looking for an Information Security Engineer to help us do it.

In this role, you’ll work at the intersection of engineering and security, embedding best practices into our systems, products, and processes. You’ll collaborate closely with developers, infrastructure teams, and external partners to ensure our platforms remain resilient, secure, and compliant - without slowing innovation.

Responsibilities:

Security Engineering & Development

• Design, build, and maintain security tooling and automation to protect applications, infrastructure, and data.

• Integrate security into the software development lifecycle (SDLC), particularly across modern web stacks.

• Conduct code reviews, threat modelling, and architecture assessments to strengthen system security.

• Identify and remediate vulnerabilities across applications, APIs, and services.

Application & Product Security

• Partner with development teams to promote and improve secure coding practices.

• Support and optimise application security tools (e.g. SAST, DAST, dependency scanning).

• Help secure cloud-native and distributed systems at scale.

• Take ownership of reducing security debt—working with engineers to design, track, and implement effective fixes.

Incident Response & Security Operations

• Act as an escalation point for security incidents identified by our managed SOC.

• Lead or support incident response, investigation, and remediation efforts.

• Collaborate with SOC providers to enhance detection and response capabilities.

Risk, Compliance & Governance

• Contribute to maintaining security frameworks such as ISO 27001 and PCI DSS.

• Support audits and regulatory requirements as needed.

• Maintain and improve security documentation, policies, and technical standards.

Security Advocacy & Awareness

• Champion security best practices across the organisation through training and collaboration.

• Translate complex security concepts into clear, practical guidance for engineers and stakeholders.

• Stay up to date with emerging threats, vulnerabilities, and industry trends.

Requirements:

Experience & Background

• Degree in Computer Science, Software Engineering, or equivalent practical experience.

• Around 3–6 years of experience in software engineering, security engineering, or a related field.

• Hands-on experience securing modern applications and distributed systems.

Technical Skills

• Strong understanding of:

  • Application security principles and common vulnerabilities (e.g. OWASP Top 10).

  • Authentication, authorisation, and security protocols.

  • Applied cryptography fundamentals.

• Experience with one or more programming languages such as:

  • JavaScript (essential for modern web applications).

  • Python, Java, C/C++, PHP or similar.

• Ability to read, write, and review code from a security perspective.

• Familiarity with cloud environments, APIs, and microservices architectures.

Security Knowledge

• Experience defending against real-world attack vectors across multiple domains.

• Understanding of endpoint, network, and application security.

• Exposure to vulnerability management and security testing practices.

Nice to have

• Security certifications (e.g. CompTIA Security+, CySA+, AWS Certified Security – Specialty, Google Cloud Professional Cloud Security Engineer).

• Experience working with ISO/IEC 27001 or PCI DSS environments.

• Experience collaborating with or operating alongside a managed SOC.

• Familiarity with security tooling (e.g. Cloudflare, SAST/DAST tools).

• Experience with Infrastructure as Code (Terraform, CloudFormation) and container security (Docker, Kubernetes).

Who you are

• A pragmatic security engineer who balances risk with business needs.

• Curious, self-driven, and comfortable in a fast-paced environment.

• A strong communicator who can collaborate across teams and disciplines.

• Comfortable taking ownership and working autonomously.

• Trustworthy with sensitive and confidential information.

Think we're a good match? Apply now!

The Perks

Being a part of the Casumo group provides an unparalleled experience. You’ll find yourself surrounded by the brightest minds within the most inspiring and collaborative office spaces! In addition to that, you’ll enjoy:

Malta Office:

• Private health insurance

• Wellness incentives, including a fitness allowance and mental well-being services

• Flexible national holidays: public holidays mean more time off, choose how and when to enjoy them!

• 2 weeks Work From Anywhere (10 days), increased to 4 weeks (20 days) after longer duration of employment within the Company: explore the world while working remotely

• Gourmet lunches and healthy snacks prepared by our in-house chef

• Variety of discounts from local vendors

• Access to some of the greatest tools and platforms for developing your professional skills and building success within your role

• A range of training courses, known as Casumo College, for continuous learning and growth

• Social events for building strong relationships with colleagues from all across the organisation

Macedonia Office:

• Private health insurance

• Wellness incentives, including a fitness allowance and mental well-being services

• 2 weeks Work From Anywhere (10 days), increased to 4 weeks (20 days) after longer duration of employment within the Company: explore the world while working remotely

• Office lunches - three times per week

• Access to some of the greatest tools and platforms for developing your professional skills and building success within your role

• A range of training courses, known as Casumo College, for continuous learning and growth

• Social events for building strong relationships with colleagues from all across the organisation

Our ABC values:

ASPIRE
At Casumo, "aspire" means pushing beyond the ordinary and transforming obstacles into stepping stones. Challenges are our breakfast of champions, and comfort zones are out of bounds. Mediocrity? Left behind. Our mantra? Dream big, aim high, and always be ready for the next adventure in innovation.

BELIEVE
Belief at Casumo isn't just a feel-good sticker; it's the glue that binds us. Turning "me" achievements into "we" victories, we're a tight-knit crew of dreamers, doers, and relentless supporters. With a high-five arsenal and a trusty cheerleading squad, we're on a mission to prove that together, we're not just strong; we're Casumo strong.

CARE
Care is our secret ingredient, the cherry on top of our game. It's not only about ensuring our players have a blast (responsibly, of course); it's about weaving a fabric of support so tight, even the toughest challenges can't tear us apart. From tailoring player experiences to being there for each other, we're all about creating memorable moments.