Application Security Engineer Location: Warsaw, PL, 03-728 Requisition ID: 17030 IGT (NYSE:IGT) is a global leader in gaming. We deliver entertaining and responsible gaming experiences for players across all channels and regulated segments, from Lotteries and Gaming Machines to Sports Betting and Digital. Leveraging a wealth of compelling content, substantial investment in innovation, player insights, operational expertise, and leading-edge technology, our solutions deliver unrivaled gaming experiences that engage players and drive growth. We have a well-established local presence and relationships with governments and regulators in more than 100 countries around the world, and create value by adhering to the highest standards of service, integrity, and responsibility. IGT has approximately 10,500 employees. For more information, please visit www.igt.com (https://c212.net/c/link/?t=0&l=en&o=3466342-1&h=1955860405&u=https%3A%2F%2Fwww.igt.com%2F&a=www.igt.com) . **Role overview:** We are hiring an Application Security Engineer to support the implementation and daily operations of our application security tooling and processes. This role focuses on technical depth—analyzing scan results, fine-tuning tools, and collaborating with engineers to embed secure development practices. You will work alongside the broader security and engineering teams to reduce vulnerabilities early in the development lifecycle. **Key Responsibilities:** + Implement, configure, and manage application security tools focused on SAST, SCA, secrets detection, and IaC scanning. + Integrate security scanning tools into CI/CD pipelines, ensuring coverage and minimizing friction for developers. + Regularly review scan results, prioritize findings, and work with developers to remediate vulnerabilities. + Perform secure code reviews and provide actionable remediation guidance. + Maintain and continuously improve security rulesets, baselines, and documentation for tools like Semgrep, Mend, GitHub Advanced Security. + Collaborate with security engineers on enhancements to DAST and container/image scanning workflows. + Contribute to internal documentation, secure coding standards, and developer enablement efforts. **Required Qualifications:** + 3–5 years of experience in Application Security or Software Development with a security focus. + Hands-on experience with tools like Semgrep, Mend, GitHub Advanced Security, and HCL AppScan. + Comfortable working in Git-based CI/CD environments (e.g., GitHub Actions, GitLab CI). + Knowledge of OWASP Top 10, secure coding practices, and common code-level vulnerabilities. + Familiarity with DAST tools (e.g., Tenable Web App Scanning) and experience supporting Pentest validation efforts. + Ability to collaborate effectively with developers, security team members, and DevOps. **Keys to Success** + Building collaborative relationships + Decision making + Drive results + Foster innovation + Personal energy + Self-leadership \#LI-YG1 _IGT is committed to sustaining a workforce that reflects the diversity of the global customers and communities we serve, and to creating a fair and inclusive culture that enables all our employees to feel valued, respected and engaged. IGT is an equal opportunity employer. We provide equal opportunities without regard to race, color, religion, gender, sexual orientation, gender identity, gender expression, pregnancy, marital status, national origin, citizenship, covered veteran status, ancestry, age, physical or mental disability, medical condition, genetic information, or any other legally protected status in accordance with applicable local, state, federal laws or other laws. We thank all applicants for applying; however, only those selected to interview will be contacted._ _All IGT employees have a role in information security. Annual training will be assigned and required as appropriate._ _IGT (NYSE: IGT) is the global leader in gaming. For more information, please visit_ _www.igt.com_ _._