Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead the charge in shaping our application security strategy and tools.
- Company: Join Flutter, a global leader in online sports betting and iGaming.
- Benefits: Enjoy flexible working, enhanced pension, life assurance, and a £1,000 learning fund.
- Why this job: Make a real impact on security while working with cutting-edge technologies.
- Qualifications: Experience in software development and application security leadership is essential.
- Other info: Be part of an inclusive team that values diverse perspectives.
The predicted salary is between 60000 - 84000 £ per year.
What you’ll do
- Strategic Leadership & Roadmap: Define and lead the enterprise-wide Application Security and SSDLC strategy, including short, mid, and long-term goals aligned with the group’s security posture and digital transformation initiatives. Develop and maintain AppSec maturity models (e.g. based on OWASP SAMM, NIST SSDF, BSIMM) and work with business units to assess current state and define realistic improvement plans. Drive the development of a global secure development policy, including approved tools, practices, and coding standards.
- Technology & Tooling Strategy: Evaluate, recommend, and support the rollout of AppSec tools such as SAST, DAST, SCA, container and IaC scanners, runtime protections, and CI/CD pipeline integrations. Collaborate with platform and DevOps teams to ensure tool integration and automation into developer workflows across brands. Provide architecture guidance on secure design patterns and security tool architecture in cloud-native and hybrid environments.
- Global Collaboration: Work closely with the Associate Director of Group Enterprise Security and other domain leads to align strategies and ensure cross-cutting coverage. Define and monitor key AppSec KPIs and metrics (e.g. vulnerability MTTR, scan coverage, risk acceptance trends) and report findings to leadership and the Global Cyber Council. Coordinate secure architecture reviews for critical application initiatives and provide consultative threat modelling support to large cross brand projects.
- Continuous Improvement & Innovation: Know the latest on emerging application security technologies, industry best practices, and threat trends. Evaluate new tools or features and where beneficial incorporate them into the strategy. Find opportunities to reduce friction for developers/brands while maintaining security. Continuously assess the program’s maturity across brands and implement improvements to process or technology to elevate weaker areas. The role also entails planning for product-related incident response and disaster recovery – ensuring that teams are prepared to handle a security incident.
- Project and Vendor Management: Oversee Secure by Design project execution and coordinate with project managers to ensure results (system implementations, migrations, integrations) are completed on time. Manage relationships with product vendors and service providers (Remaining vendor neutral) – e.g. oversee any integration partners/consultants and ensure we leverage vendor support. Evaluate and select products or upgrades in line with the strategic roadmap. Ensure that vendor solutions are configured to meet our requirements and that any services used governed under group policies.
How you’ll do it
- Several years of experience in software development and application security, with recent experience in an AppSec leadership or Security Architecture role.
- A track record of designing and implementing enterprise-scale secure development programs and embedding security into engineering culture.
- Broad experience integrating with various systems and tools such as: SonarCloud, Checkmarx, GitHub Advanced Security, Snyk, Aqua, Prisma Cloud, Semgrep, etc.
- Strong understanding and use of CI/CD ecosystems (e.g. GitLab, Jenkins, Azure DevOps, GitHub Actions) and how to embed security in build and deploy processes.
- Experience working in or with regulated industries or large enterprises is highly desirable.
- Mergers and Acquisitions integration experience is a plus.
- Familiarity with industry frameworks and standards: OWASP SAMM, OWASP ASVS, BSIMM, NIST SSDF, ISO 27034.
- Lead teams and projects. This could be as a DevSecOps team lead, security architect, or manager for SSDLC initiatives.
- Professional certifications in security are highly valued, such as CISSP/CSSLP, CISM, and/or other AppSec-specific certifications.
What’s in it for you
- We are a flexible employer; whether you have personal commitments or a hobby that brings you joy, we want you to bring your best self to work and feel empowered to do so.
- We also like to share our success; after all you make it happen.
- We have an excellent benefits package that can be personalised to you:
- Enhanced pension scheme
- Life assurance
- Income protection
- £1,000 annual self-development learning fund
- Invest via the Flutters Sharesave Scheme
- Enhanced parental leave
About Flutter
We are a world leader in online sports betting and iGaming, with a market leading position in the US and across the world. We have an unparalleled portfolio of the most innovative, diverse and distinctive brands including FanDuel, Sky Betting & Gaming, Sportsbet, PokerStars, Paddy Power, Sisal, tombola, Betfair, MaxBet, Junglee Games and Adjarabet. With our global scale and challenger mentality, through which we excite and entertain our customers, in a safe and sustainable way. Using our collective power, the Flutter Edge, we aim to disrupt the sector, learning from the past to create a better future for our customers, colleagues and communities. We’re working to be an inclusive employer, and we encourage people from all backgrounds, ways of thinking and working to apply. Everyone brings different perspectives and experiences; you don't have to meet all the requirements listed to apply for this role. If you need any adjustments to make this role work for you let us know, and we’ll see how we can accommodate them.
Product Security Architect employer: Flutter entertainment
Contact Detail:
Flutter entertainment Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Product Security Architect
✨Tip Number 1
Network like a pro! Reach out to folks in your industry on LinkedIn or at events. A friendly chat can lead to opportunities that aren’t even advertised yet.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repo showcasing your projects and contributions. This gives potential employers a taste of what you can do beyond your CV.
✨Tip Number 3
Prepare for interviews by practising common questions and scenarios related to AppSec. We recommend doing mock interviews with friends or using online platforms to boost your confidence.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive!
We think you need these skills to ace Product Security Architect
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience in application security and software development. We want to see how your skills align with our needs, so don’t hold back on showcasing relevant projects!
Showcase Your Leadership Skills: Since this role involves strategic leadership, it’s crucial to demonstrate your experience in leading teams or projects. Share specific examples of how you’ve driven security initiatives or improved processes in your previous roles.
Highlight Your Technical Expertise: We’re looking for someone with a solid understanding of AppSec tools and CI/CD ecosystems. Be sure to mention any relevant technologies you’ve worked with, like SonarCloud or GitHub Actions, and how you’ve integrated security into those workflows.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it gives you a chance to explore more about what we do at StudySmarter!
How to prepare for a job interview at Flutter entertainment
✨Know Your Stuff
Make sure you brush up on your knowledge of application security frameworks like OWASP SAMM and NIST SSDF. Be ready to discuss how you've implemented these in past roles, as well as any tools you've used like SAST or DAST. This shows you're not just familiar with the concepts but have practical experience.
✨Showcase Your Leadership Skills
Since this role involves strategic leadership, prepare examples of how you've led teams or projects in the past. Think about times when you defined a roadmap or improved processes. Highlight your ability to collaborate with different teams, especially in a global context.
✨Be Ready for Technical Questions
Expect technical questions related to secure development practices and CI/CD ecosystems. Brush up on your knowledge of integrating security into developer workflows and be prepared to discuss specific tools like GitHub Actions or Azure DevOps. Demonstrating your technical expertise will set you apart.
✨Understand the Company Culture
Research Flutter and its brands to understand their values and culture. Be ready to discuss how your personal values align with theirs, especially regarding innovation and inclusivity. Showing that you fit into their culture can make a big difference in your interview.
