Job Description
This role is remote, with one required visit to your designated home office per quarter.
Remote option is available for employees located in the following states; AZ, CO, CT, FL, GA, IA, IL, IN, LA, MA, MD, MI, MN, MS, MT, NC, NJ, NV, NY, OH, OR, PA, SC, TX, TN, WA, WV, and Washington D.C. (States subject to change at any time)
Home Office: Las Vegas, NV
WELCOME TO THE EMPIRE! Caesars is one of the biggest names in the world of betting and we are striving to become the largest sports betting platform across America. We share a passion for sports and are industry leaders providing best-in-class service for all our customers.
BEHOLD! You will be at the heart of the technological revolution with one of the world's most trusted betting and gaming companies.
When we say cutting edge, we mean it. Here, you can work on highly reliable systems with low latency, much like the transactional systems of the best financial institutions, but...with the fun included.
You will have access to development opportunities, including IT conferences, internal training, and lunch and learn sessions. You will be part of a great working atmosphere, performing complex work in a collaborative team of amazing people, with forward-thinking managers. You will have the opportunity to make an impact.
What You Will Do:

• Be a major contributor to supporting the Triage and Remediation automation workflows.
• Triage security findings from all sources: Bug Bounty, automation tools, self-discovery and more.
• Train junior/mid-level engineers and other stakeholders to code securely to avoid the introduction or reintroduction of business-critical application security vulnerabilities to production.
• Design and contribute to the team implementation of Secure Software Development Life Cycle (SSDLC) practices including code reviews, static/dynamic code analysis, application security assessments, and provide self-service security services that are fully orchestrated/automated capable.
• Build and deploy security capabilities within the CI/CD pipeline designed to secure application code including, but not limited to Test Driven Security (TDS).
• Define, build, and maintain Application Security Policies, Standards, and Procedures that meet or exceed all required regulatory requirements.
• Research application vulnerabilities and recommend understandable and pragmatic remediation
• instructions.
• Maintain awareness of and communicate known vulnerabilities in Caesars Digital application technologies used within web services and mobile applications and coordinate with risk management teams to address them timely.
• Introduce commercial and vetted open-source security solutions to continuously secure and monitor production web services and APIs.
• Assist with writing WAF rules to protect against web application security attacks and exploitation.
• Review and analyze security event logs to support security incident response efforts.
• Contribute to and participate in blameless postmortems addressing web application security incidents.
• Define, build and operate a vulnerability management program with KPIs and dynamic reporting capable.

What You Will Need:

• 3 or more years of experience securing large-scale web/mobile applications and APIs.
• 2 or more years of software development experience
• 7+ years of Enterprise Information Technology or Information Security experience.
• Familiarity with modern software engineering practices and continuous integration and delivery.
• Experience with Node.js, Java, React or Scala and iOS and/or Android apps desirable.
• The ability to effectively partner and communicate with engineering and product teams.
• Capability to leverage a language to develop Lambda functions and automate security acceptance testing and integrations is a must.
• Experience with Terraform or CloudFormation.
• Familiarity with dynamic and static application security tools desirable.
• Experience with threat modeling web services desirable.
• Experience securing applications within immutable infrastructure such as Kubernetes, containers, and microservices desirable.
• Understanding of the OWASP Top 10, CWE/SANS top 25, the OWASP Cheat Sheet Series, and other industry leading application security practices.
• Desirable Certifications: GWAPT, GWEB

About Us
Behold! Caesars Sportsbook is here, and we're proud to be a part of Caesars Entertainment-the number one gaming company in the world with over 80 years of sports betting expertise.
At Caesars Sportsbook, we believe all our Team Members should be treated like Caesars. It's the mantra we were founded on, and the standard that drives us to provide our customers with best-in-class service.
As we continue to Blaze The Trail with our Caesars Sportsbook & Casino app, the expansion of our Caesars Sportsbook retail locations, our World Series of Poker franchise, our William Hill legacy brand, and partnerships with the biggest names in sports and entertainment, we're creating new and exciting opportunities for you to be a part of our empire and make an impact.
Interested in joining the team? Check out our job postings and see what we have to offer, people. And remember-We Are All Caesars!