Director Solution Security

Brightstar is an innovative, forward-thinking global leader in lottery that builds on our renowned expertise in delivering secure technology and producing reliable, comprehensive solutions for our customers. As a premier pure play global lottery company, our best-in-class lottery operations, retail and digital solutions, and award-winning lottery games enable our customers to achieve their goals, fulfill player needs and distribute meaningful benefits to communities. Brightstar has a well-established local presence and is a trusted partner to governments and regulators around the world, creating value by adhering to the highest standards of service, integrity, and responsibility.  

Short Description

The Director Solution Security will lead the strategy, development, and operations of the Application Security team. This role is responsible for building and managing a high-performing team focused on securing applications across the enterprise, embedding security into the software development lifecycle (SDLC), and driving continuous improvement in secure coding practices and vulnerability management

Responsibilities

Team Leadership & Development

• Build and lead a team of application security engineers and analysts.

• Foster a culture of innovation, accountability, and continuous learning.

• Define team goals, KPIs, and career development plans.
  

Application Security Strategy

• Develop and execute a comprehensive application security strategy aligned with enterprise risk management goals.

• Collaborate with software engineering, DevOps, and product teams to integrate security into the SDLC.

Secure Development Practices

• Lead the development and implementation of secure coding standards and training to development teams.

• Drive the adoption of DevSecOps practices and tools.

Vulnerability Management

• Oversee application security testing including SAST, DAST, IAST, and manual code reviews.

• Manage the intake, triage, and remediation of application vulnerabilities.

Offensive Security Management

• Develop offensive security / red teaming capabilities, team, and processes and oversee execution of penetration testing activities

Governance & Compliance

• Ensure compliance with internal policies and external regulations (e.g., PCI-DSS, GDPR, MUSL, NIS2).

• Maintain documentation and reporting for audits and executive reviews.

Tooling & Automation

• Select and manage application security tools and platforms.

• Drive automation of security testing and vulnerability tracking.

Threat Modeling & Risk Assessment

• Lead threat modeling exercises for critical applications.

• Provide risk-based guidance to development teams and business stakeholders.

Scope

Complexity: Functions Responsible for or Influenced
High – Influence on Information Security across the organization

Diversity: Locations Responsible for or Influenced
High - Influence on enterprise

Typical Job Problems and Difficulties

• Ensuring alignment of multiple stakeholders and development teams Interfacing with customers as needed to discuss mitigating control options

• Driving standardization across the enterprise

Financial Accountability

Qualifications

Education:

• Bachelor's degree; an advanced degree is preferred.

Experience:

• 15 years of work experience; 12 years of related experience is required.

Keys to Success

• Leading Complexity
• Leading People
• Leading the Business
• Leading Self