Mid-level Information Security Engineer role at Casumo, an online casino company. Requires 3 to 6 years in security or software engineering, with strong application security skills (OWASP Top 10, SDLC integration), JavaScript proficiency, and familiarity with cloud-native systems. ISO 27001 and PCI DSS exposure is a plus. Hybrid, based in Swieqi, Malta or Skopje, North Macedonia. Suits security engineers with iGaming or regulated-industry experience.
Role overview
Casumo is hiring a mid Information Security Engineer in Swieqi, Malta or Skopje, North Macedonia, hybrid, full-time. The role covers building security tooling and automation, integrating security into the SDLC, conducting code reviews and threat modelling, partnering with developers on secure coding practices, supporting SAST/DAST and dependency scanning tools, acting as escalation point for the managed SOC on incident response, and contributing to ISO 27001 and PCI DSS frameworks.
Requirements:
3–6 years in software engineering or security engineering
Degree in Computer Science, Software Engineering, or equivalent experience
Programming experience including JavaScript
Application security knowledge (OWASP Top 10, authentication, cryptography)
Cloud environments, APIs, and microservices familiarity
Nice to have: CompTIA Security+, CySA+, AWS Security Specialty, or GCP Cloud Security certifications, ISO 27001 or PCI DSS experience, Terraform/CloudFormation, Docker/Kubernetes container security.
Perks: private health insurance, wellness and fitness allowance, mental wellbeing services, flexible national holidays (Malta), 2–4 weeks work from anywhere, in-house chef meals (Malta), Casumo College training, social events.
Skills & perks
You'll be redirected to the employer's site.