Rodeo
ResourcesPartnersSign in

Allwyn UK

Security Tester

Watford
Posted 19 days ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Security Testing Specialist – Allwyn UK

About Allwyn UK & The National Lottery

At the heart of everything we do is our vision to change lives every day, and our mission to grow The National Lottery responsibly and champion its impact.

We are Allwyn UK, part of the Allwyn Entertainment Group – a multi-national lottery operator with a market-leading presence across the USA (Michigan and Illinois) and Europe (Czech Republic, Austria, Greece, Cyprus, and Italy).

While The National Lottery makes a profound difference through funds for good causes, we at Allwyn put our purpose and values at the heart of everything we do. Join us on a once-in-a-lifetime, large-scale transformation journey – shaping a National Lottery that delivers more money to good causes.


A Bit About the Role

This role delivers hands-on security testing across Allwyn’s applications, cloud platforms, and infrastructure. Your core purpose is to improve day-to-day testing coverage for:

  • Web applications
  • APIs
  • Backend services
  • Cloud-hosted workloads
  • Internal infrastructure
  • Network-facing services

You’ll support findings validation, remediation, and retesting, contributing to security excellence across both delivery and cyber defense.

This is an exciting opportunity to work within a national lottery, gaining exposure to:

✔ Security testing across all our technology layers ✔ Supporting delivery and cyber defense activities


Responsibilities

Security Testing Delivery

  • Deliver security testing across web applications, REST APIs, backend services, cloud-hosted workloads, internal infrastructure, and network-facing services.
  • Support testing of AWS and Azure environments, including:
    • Common configuration weaknesses
    • Access-control issues
    • Exposed services
    • Baseline cloud security concerns
  • Carry out network and infrastructure testing, identifying:
    • Host weaknesses
    • Service exposure failures
    • Enterprise-risk vulnerabilities
  • Support application-focused security testing, including:
    • Authentication & authorization flaws
    • Input validation issues
    • Session security risks
    • Data exposure vulnerabilities
  • Use common security testing tools for manual verification and assessment.

Findings, Remediation & Incident Support

  • Investigate reported vulnerability findings, validating genuineness, and providing remediation advice.
  • Support security teams in fixing and retesting solutions to ensure long-term security.
  • Assist in security incidents, including:
    • Technical impact assessment
    • Weakness validation
    • Follow-up testing
  • Produce clear, actionable findings with practical remediation guidance.
  • Oversee retesting, evidence collection, and proper issue closure.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.


What We’re Looking For

Essential Experience

⏭ Hands-on experience in security testing across:

  • Applications
  • Cloud platforms
  • Infrastructure
  • Network environments ⏭ Working knowledge of:
  • Web application testing
  • API security
  • Backend-service risks ⏭ Awareness of security frameworks & methodologies, including:
  • OWASP Top 10
  • OWASP API Security Top 10
  • Secure authentication & authorization models
  • Remediation strategies for common weaknesses ⏭ Understanding of broader security testing:
  • Vulnerability scanning
  • Manual verification
  • Configuration auditing
  • Risk-based testing ⏭ Working knowledge of:
  • AWS & Azure
    • Common configuration risks
    • Access-control issues
  • Network & infrastructure security basics
    • Exposed services
    • Host vulnerabilities
    • Enterprise-level risks ⏭ Ability to use & explain findings clearly from common tools. ⏭ Collaborative expertise – working with engineering & platform teams for findings understanding, fixes, and retesting. ⏭ Familiarity with secure development practices – supporting dev teams in remediation and explanation.

Desirable Experience

🔹 Experience with:

  • Containerized workloads
  • Mobile applications
  • Backend-service testing 🔹 Familiarity with SAST/DAST/CDMX outputs. 🔹 Knowledge of:
  • OWASP ASVS
  • Common Weakness Enumeration (CWE)
  • Secure coding standards
  • Security testing checklists for web, API, and cloud services. 🔹 Experience with threat modeling, secure design review, or RDPs (Risk Detection Platforms). 🔹 Background in regulated, high-availability, or transaction-critical environments. 🔹 Relevant certifications including:
  • CREST
  • OSCP
  • Or equivalent hands-on experience.

Tools & Technologies You’ll Work With

We’re looking for someone comfortable with a practical mix of common security tools—not a purely tool-focused role—but you must be able to:

  • Web & API testing: Burp Suite
  • Linux-based security workflows: Kali Linux
  • Network & service testing: Nmap, Nessus, Wireshark
  • SAST/DAST/IAST tools – interpret their outputs.
  • Cloud environments (AWS/Azure) – work with cloud posture/vulnerability tools.
  • Basic automation/scripting in Python would be a strong plus.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

About Us

At Allwyn UK, we’re dedicated to changing lives and growing the National Lottery while championing its positive impact on people, places, and the planet.

Our Values in Action

💡 Innovation: We’re always reimagining customer experiences, introducing new responsible products, and making them accessible to all.

🤝 Giving Back: Did you know? The lottery generates around £30M per week for UK charities—and we aim to double that by 2030.

🌱 Sustainability: Targeting net zero operational emissions by 2030—we’re already:

  • Moving to renewable energy
  • Switching our London & Watford offices to zero gas
  • Using low-emission vehicles
  • Working with partners on value chain decarbonization.

🗣 Empowering Every Voice: We foster a belonging culture, ensuring diversity, equity, and inclusion in everything we do—from retail to digital play. Because when everyone can play, everyone wins.


Inclusivity & Wellbeing

Inclusion at Allwyn starts with our people. We structure rewards & policies to:

  • Support colleagues through life’s stages and careers.
  • Prioritize wellbeing and belonging—because a thriving workforce drives meaningful impact in our communities.

Benefits Package

✅ Company Bonus Scheme ✅ Company-matched pension contributions (up to 8.5%) ✅ 26 days annual leave + 2 Life Days + bank holidays ✅ Single Private Health Cover ✅ Complimentary Private Medical ✅ Income Protection ✅ Flexible Benefits:

  • Electric Vehicle (EV) scheme
  • Finance advice (Will/Writing, Mortgage)
  • Dental & Optical schemes ✅ Enhanced Family Leave policies (Maternity/Paternity/Adoption) ✅ £500 Wellness Allowance ✅ Employee Assisted Programme ✅ Discounted Health Assessments ✅ Volunteering & Matched Funding Days

Our Commitment to Inclusion

We’re a Disability Confident Leader, actively working to remove barriers for disabled and neurodivergent candidates and colleagues.

If you need accommodation or adjustments during the application process, get in touch with our talent team at careers@allwyn.co.uk—we’re here to support you.

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Security Testing
Web Application Testing
API Testing
Backend Services Security
AWS
Azure
Network Security
Vulnerability Assessment
Manual Verification
Configuration Review
Risk-Based Testing
Burp Suite
Kali Linux
Nmap
Python
Incident Support

Location

Watford, England, United Kingdom

Sign up to applySee more jobs like this