Cyber Security Specialist

About The Job
Bally's Corporation is a global casino-entertainment company with a growing omni-channel presence. It currently owns and manages 15 casinos across 10 states, a golf course in New York, a horse racetrack in Colorado, and has access to OSB licenses in 18 states. It also owns Bally's Interactive International, formerly Gamesys Group, a leading, global, online gaming operator, Bally Bet, a first-in-class sports betting platform, and Bally Casino, a growing iCasino platform.

Well, what about the team?
We're looking for a Cyber Security Specialist who thrives on protecting customer-facing platforms in a high-stakes, high-traffic environment. In this role, you'll be at the forefront of securing our B2C platforms that serve millions of customers globally, ensuring they can enjoy our services safely and securely.

You'll work alongside IT, Privacy, Technology, Compliance, and Legal teams to build and maintain a security posture that protects sensitive customer data, payment information, and business operations.

This isn't just about defending infrastructure—it's about securing the entire customer journey across web and mobile platforms, APIs, and cloud-native architectures.

What Makes This Role Exciting

• Protect real-time, customer-facing platforms serving millions of users globally
• Work with modern cloud-native architectures and cutting-edge security technologies
• Tackle unique security challenges in the highly regulated iGaming and sports betting industry
• Collaborate with development teams to build security into products from the ground up
• Respond to and investigate sophisticated threats targeting high-value platforms
• Influence security architecture decisions for next-generation platform features

So, what will you be doing?
Platform Security & Monitoring

• Monitor and protect customer-facing web and mobile platforms against threats including DDoS attacks, fraud attempts, and application-layer exploits
• Implement and maintain security controls for APIs, microservices, and cloud infrastructure
• Leverage SIEM, EDR, and security analytics tools to detect anomalous behaviour and potential threats
• Perform security assessments of platform components, third-party integrations, and payment processing systems
• Work with development teams to integrate security into CI/CD pipelines and ensure secure coding practices

Threat Detection & Incident Response

• Investigate security alerts and incidents affecting platform availability, data integrity, or customer privacy
• Conduct forensic analysis on security incidents using modern toolsets and methodologies
• Participate in 24/7 on-call rotation to ensure rapid response to security events
• Document incidents and contribute to post-incident reviews and lessons learned
• Develop and improve detection rules and playbooks based on MITRE ATT&CK framework and threat intelligence

Vulnerability Management & Compliance

• Identify and prioritize vulnerabilities across platform environments using scanning tools and manual testing
• Collaborate with engineering teams to remediate security findings and track remediation progress
• Support compliance initiatives including PCI-DSS, ISO 27001, GDPR, and gaming regulatory requirements
• Conduct internal security audits and assist with external audit preparations
• Maintain security tooling including vulnerability scanners, WAF

And what are we looking for?

• Hands-on experience in security operations, platform security, or application security
• Experience with security orchestration and automation (SOAR platforms, Python scripting for security tasks)
• Exposure to threat intelligence and threat hunting methodologies
• Strong understanding of web application security (OWASP Top 10, API security, authentication/authorisation)
• Experience with cloud platforms and cloud-native security tools
• Proficiency with SIEM platforms and log analysis
• Knowledge of EDR/XDR solutions, endpoint protection, and security monitoring tools
• Familiarity with vulnerability management platforms and remediation workflows
• Understanding of security fundamentals: firewalls, IDS/IPS, DDoS mitigation, cryptography, packet analysis
• Experience with container security (Docker, Kubernetes) and DevSecOps practices is a plus
• Knowledge of payment security standards (PCI-DSS) and data protection regulations (GDPR)

This Is What You'll Get
Different benefits packages are tailored to fit each location, but here's a taste of what may be on offer:

• Annual leave
• Health insurance
• Company share scheme
• Volunteering days
• Home office allowance
• Wellness or Gym allowance

DNA / Values
At Bally's Interactive, we are driven by a set of core values that we like to call our DNA. We strive to embody our DNA and keep them at the heart of everything we do

We are
Always Ready
to embrace change, adapt, and do what it takes to delight our customers. We believe that
You Make the Difference
, which is what gives our players the best experience and keeps them coming back. We are
All One Team
, looking out for each other, respecting diversity while connecting through a common purpose. Our teams are
Learning Every Day
by showing constant curiosity and the drive to learn from successes, mistakes, new experiences, and the people around us. At Bally's we
Love to Lead
by thinking differently, seeking innovation, and always looking for ways to raise our game.

Equal Opportunities
At Bally's Interactive, we are committed to promoting equal opportunities in employment and working conditions.

Diversity, Equity and Inclusion are important to us, and we encourage a culture where everyone can be themselves at work.

We believe passionately that employing a diverse workforce is central to our success, this is our superpower.

We do not discriminate against employees or job applicants on the basis of race, colour, nationality, ethnic or national origin, age, sex or sexual orientation, gender reassignment, religion or belief, marital or civil partner status, pregnancy or maternity, political opinion or disability.