Application Security Engineer

Scroll to content

Who we are

The Workshop is a tech company that develops intuitive software for the online gaming industry. Our motto is to move “Fearlessly Forward” together. Cooperative innovation is at the center of everything we do – from our games, new products and technologies, to how we collaborate and share inspiration with one another.

We understand that great ideas come from great people, and great people thrive when they’re trusted to challenge, change, improve, and perfect our products and processes. Our forte lies in the diversity of our skills – and that comes from the diversity of our people.

The Workshop is committed to being a diverse and inclusive workplace, where we all learn together, trust each other, and value collaboration. We welcome candidates of all genders, gender identity and expression, sexual orientation, disability, physical appearance, body size, race, age, nationality, belief (or lack thereof), and programming language preference. As an equal opportunity employer, we offer a friendly, supportive working environment for all. It’s a place where you can try new ideas, take risks, and enjoy the support to move Fearlessly Forward.

Your mission

As an Application Security Engineer, you will join our newly formed Application Security team to help design, enhance and build our Application Security Tools and Services in addition to supporting TWS’ Product Development teams in writing secure code in an agile development environment. You will build and maintain security tools, perform code reviews and assist in embedding security practices into our continuous delivery pipelines.

What you'll do

  • Help define consistent secure coding practices for all TWS technology projects throughout the planning and delivery cycles
  • Assist developers with the triaging of security finding and ensure that application security risks are mitigated where necessary
  • Help development teams reproducing exploits and mitigating vulnerabilities in software products
  • Assist in the definition and uptake of security requirements based on the Application Security Verification Standards 4.0
  • Collaborate with product and architecture teams to embed “bulletproof” OKRs into TWS’ development practices
  • Develop, optimize and maintain automation techniques and processes to improve scale and efficiency of application security at TWS Attain and maintain industry standards such as SANS DEV-541 and OSCP

What you'll bring

  • Hands-on experience with Java, JavaScript, and Python
  • Deep understanding of OWASP Top 10 with proven track record and experience in implementing and integrating remediation strategies
  • Excellent understanding of web application technologies, frameworks and protocols with respect to applications development and deployment
  •  Well versed in web application design and penetration testing
  • Experience in implementing enterprise-level secure SDLC frameworks
  • Ability to effectively communicate security risks to a technical audience and impart knowledge around mitigation techniques
  • Experience in implementing security testing tools (e.g. SAST, DAST and IAST)
  • Solid problem solving and analytical skills, able to digest technical issues and recommend appropriate solutions
  • Self-motivated and able to work independently

What's in it for you

  • Inspiring and fulfilling work at an innovative and values-driven company creating cutting-edge tech
  • Attractive salary and customisable benefits package
  • Flexible working hours and ways of working
  • Contemporary and accessible office environments with a range of workplace perks
  • Six weeks’ paid leave for every four years of service
  • Relocation package for you and your family including soft-landing package services to help you settle in (applicable in Spain, if you are moving from a different city/country)
  • Being part of a team with a forward-looking, international mindset and agile working practices
  • A friendly, inclusive, and multicultural environment (we are made up of over 35 nationalities, speaking almost 30 languages)
  • Wellbeing programs, learning, and personal growth opportunities
  • A range of employee events throughout the year, including team building activities, Learning Labs, Hackathons and Designathons
  • Opportunities to shape the tech community within and outside of the company, through mentoring and knowledge-sharing
We usually respond within three days

Or, know someone who would be a perfect fit? Let them know!


Calle Severo Ochoa, 16
29590 Málaga Directions View page

Our culture

We’re lucky enough to have a home in two of Europe’s best tech cities – London and Malaga – and are proud of our diversity. Our Inventors represent over 40 different nationalities and almost 30 languages.

Already working at The Workshop?

Let’s recruit together and find your next colleague.


Applicant tracking system by Teamtailor