Applications Security Engineer III

Location:

Warsaw, PL, 00-807

Requisition ID: 19324

Brightstar is an innovative, forward-thinking global leader in lottery that builds on our renowned expertise in delivering secure technology and producing reliable, comprehensive solutions for our customers. As a premier pure play global lottery company, our best-in-class lottery operations, retail and digital solutions, and award-winning lottery games enable our customers to achieve their goals, fulfill player needs and distribute meaningful benefits to communities. We have a longstanding commitment to Responsible Gaming (RG) that is engrained within our core business and the products we offer to customers and players worldwide. Brightstar has a well-established local presence and is a trusted partner to governments and regulators around the world, creating value by adhering to the highest standards of service, integrity, and responsibility. Brightstar has approximately 6,000 employees. For more information, please visit www.brightstarlottery.com.

Overview

We are seeking an Application Security Engineer to drive the strategy, implementation, and maturity of our application security program.

This individual will lead initiatives across the secure software development lifecycle, integrating application security best practices and tooling into engineering workflows, and partnering closely with security, DevOps, and engineering leadership.

This is a high-impact role that requires technical depth, leadership capability, and a passion for scaling security across product teams.

Responsibilities

Participate application security program, including tool selection, policy enforcement, developer engagement, and risk reporting.
Own integration of AppSec tooling into CI/CD pipelines to enable scalable, developer-friendly security controls.
Provide architectural guidance and secure design recommendations during development planning.
Oversee deployment and tuning of tools for SAST, SCA, secrets management, IaC scanning, and DAST (e.g., Tenable Web App Scanning).
Partner with product teams to embed secure coding practices, review threat models, and triage high-impact vulnerabilities.
Collaborate with GRC/compliance teams to ensure alignment with relevant standards (e.g., OWASP, FedRAMP).
Mentor and support other AppSec engineers and champion a security-first development culture.
Evaluate IAST and runtime protections as part of continuous improvement efforts.
Develop KPIs to measure security posture and tooling efficacy.

Qualifications

5–10 years of experience in Application Security or Secure Software Development.
Proven experience leading application security programs in a CI/CD-heavy engineering environment.
Deep expertise in securing cloud-native applications, and integrating AppSec tools such as Semgrep, Mend, GitHub Advanced Security, HCL AppScan, or equivalent.
Hands-on experience with CI/CD integrations using GitHub Actions, GitLab CI, Jenkins, or similar.
Strong communication and influencing skills; able to drive security adoption across diverse teams.
Knowledge of DAST tools (e.g., Tenable Web App Scanning) and Pentest methodologies (Burp Suite, Kali Linux).
Experience with security in modern SDLC environments using containers, microservices, and APIs.
IAST experience is a plus.

Success Profile

Building collaborative relationships
Decision making
Drive results
Foster innovation
Personal energy
Self-leadership

This information reflects Brightstar Lottery’s good-faith estimate of compensation for this position at the time of publication. Actual compensation will be determined in accordance with the applicable collective agreement and internal compensation policies. Factors that we consider include, but are not limited to, role, career level, performance, skills, level of expertise, experience, location, market competitiveness, and internal equity. The estimated starting compensation range is 145,196 zł – 223,379 zł. The Company will comply with all local pay requirements and collective bargaining agreements, where applicable.

Other Benefits Offered:

Paid time off
Health insurance, life insurance, and disability insurance
Opportunities to volunteer your time to company-driven initiatives, employee networks or organizations of your choice
Variety of well-being programs
Retirement benefits
Additional benefits available depending on the seniority of the role

This position is governed by collective bargaining agreement, which regulates the main terms and conditions of employment, including minimum salary levels, classification, working hours, leave, and other employment rights.

Our hiring process is conducted in line with principles of pay transparency and equal pay. We do not request or rely on candidates’ salary history during the selection process.

All Brightstar employees have a role in information security. Annual training will be assigned and required as appropriate.