Playson
Gaming
Playson is a leading supplier of online slot games, providing digital entertainment to various jurisdictions worldwide. They are licensed and regulated in numerous countries, including the UK, Italy, and Sweden. Playson offers a wide range of popular slot games like 'Buffalo Power: Hold and Win' and 'Legend of Cleopatra Megawaysâ˘', along with promotional tools designed to increase player engagement. Their commitment to compliance and socially responsible gambling is evident through their certifications and licenses. Additionally, Playson strives to enhance player experiences with innovative promotional tools such as Reel of Fortune and Free Spins, aiming to attract new players and boost retention.
Lead DevSecOps Engineer
Job not on LinkedIn
October 2
Playson
Gaming
Playson is a leading supplier of online slot games, providing digital entertainment to various jurisdictions worldwide. They are licensed and regulated in numerous countries, including the UK, Italy, and Sweden. Playson offers a wide range of popular slot games like 'Buffalo Power: Hold and Win' and 'Legend of Cleopatra Megawaysâ˘', along with promotional tools designed to increase player engagement. Their commitment to compliance and socially responsible gambling is evident through their certifications and licenses. Additionally, Playson strives to enhance player experiences with innovative promotional tools such as Reel of Fortune and Free Spins, aiming to attract new players and boost retention.
đ Description
⢠Establish the DevSecOps function at Playson, defining best practices and security standards across the Platform Tribe. ⢠Integrate security into CI/CD pipelines (SAST, DAST, dependency scanning, container scanning). ⢠Harden infrastructure and runtime environments (Linux, Docker, Kubernetes/EKS, RBAC). ⢠Design and enforce cloud security controls in AWS (IAM least-privilege, GuardDuty, Security Hub, encryption at rest/in transit). ⢠Define and maintain IaC security policies (Terraform/Terragrunt, drift detection, policy-as-code). ⢠Implement and manage secrets management solutions (Vault, AWS Secrets Manager). ⢠Build centralized security monitoring & alerting (Datadog, ELK, CloudWatch, SIEM/SOAR). ⢠Lead vulnerability management and threat modeling practices. ⢠Automate workflows through scripting (Python, Bash). ⢠Partner with backend, infrastructure, and platform engineers to embed security in design & delivery. ⢠Contribute to compliance readiness (ISO 27001, GDPR, PCI-DSS). ⢠Act as a security subject-matter expert, mentoring engineers and raising awareness. ⢠Continuously evaluate and implement new security tools and approaches.
đŻ Requirements
⢠5+ years in Security Engineering / DevSecOps roles, with proven success delivering secure infrastructure and applications. ⢠Strong skills in Python and Bash for building and automating security workflows. ⢠Cloud Security (AWS focus) - Deep knowledge of IAM least-privilege design, encryption at rest/in transit, GuardDuty, Security Hub, and best practices for securing multi-account environments. ⢠Implementation of security controls in pipelines (SAST, DAST, dependency scanning, container image scanning, policy-as-code). ⢠Hardening of Linux systems, Docker, Kubernetes/EKS; strong experience with RBAC, PodSecurity/OPA/Gatekeeper/Kyverno policies. ⢠Terraform/Terragrunt, including policy-as-code, drift detection, and compliance enforcement. ⢠Expertise with HashiCorp Vault, AWS Secrets Manager, or equivalent. ⢠Hands-on with centralized logging, SIEM/SOAR tools (Datadog Security, ELK, CloudWatch, etc.) and incident response workflows. ⢠In-depth understanding of secure network design, segmentation, and monitoring. ⢠Experience with tools enabling temporary, approval-based access (Teleport, AWS IAM Identity Center, Okta, etc.). ⢠Ability to design and enforce zero trust principles (continuous verification, microsegmentation, contextual access). ⢠Familiarity with SBOM generation (CycloneDX, Syft), artifact signing (Cosign, Sigstore), and applying SLSA/in-toto frameworks. ⢠Understanding of ISO 27001, GDPR, PCI-DSS (iGaming relevance), plus experience automating compliance checks with IaC and policy engines.
đď¸ Benefits
⢠Compensation at top industry standards + quarterly bonuses based on transparent evaluation. ⢠Remote-first flexibility and adaptable working hours. ⢠Unlimited paid vacation & sick leave. ⢠Comprehensive medical insurance (for you and your partner). ⢠Financial support for major life events. ⢠Professional growth budget for courses, training, and certifications.
Apply Now