The Mill Adventure

The Mill Adventure is a scale-up with the ultimate mission of building awesome products that will change the way the iGaming industry operates. We started our journey in 2019, with the vision of building a technology driven organisation and creating a team consisting of the best of the best specialists in their respective fields. Today, we provide a complete gaming platform, including licences and operations, for rapid deployment and success in iGaming. Our team of 130+ technology and iGaming experts is guided by passion for invention, operational excellence and commitment to improve the inefficient. We trust and value our team and we strive to accommodate the right working conditions for each individual, in remote, office based or mixed models. We see the strength in being different and embrace the cultural diversity existing in our group. As our business continues to grow, we are looking for a Product Manager - Compliance who is going to be  a key player in ensuring that the TMA platform adheres to iGaming regulations and standards. This role is ideal for a Product Manager with strong experience in regulated iGaming environments, capable of translating complex legal and compliance requirements into clear, actionable product deliverables across B2B platforms or B2C operators. In this role you will be responsible to: - Own and prioritise the backlog for core platform and compliance-driven features - Analyse and translate regulatory requirements into product and technical specifications - Collaborate with Legal and Compliance teams to scope, document, and prioritise changes - Drive delivery of regulation-led initiatives across multiple jurisdictions - Support improvements to core platform features - Communicate regulatory and product updates to internal and external stakeholders - Participate in new market launch projects, ensuring compliance readiness from discovery to go-live, coordinating with internal and external stakeholders - Continuously monitor and update existing markets based on regulatory updates, adapting product features or workflows to ensure compliance continuity

• Own Application & Offensive Security: Drive the application security lifecycle. Lead architecture reviews, conduct deep-dive threat modeling sessions, and perform targeted internal penetration tests and secure code reviews to uncover blind spots early. • Drive DevSecOps Excellence: Architect and deeply integrate security tooling (SAST, DAST, SCA, secrets detection) directly into our CI/CD pipelines. Ensure high-signal alerts, low friction for developers, and seamless automation. • Own Vulnerability Management: Triage, validate, and prioritize application-level vulnerabilities based on actual business context and risk, guiding engineering teams through pragmatic remediation. • Support Cloud & Core IT Security: While AppSec is your primary focus, you will leverage your general working knowledge of AWS security and foundational IT controls (IAM, endpoint, zero-trust) to support the wider security team and ensure holistic coverage. • Be a Role Model & Culture Champion: Lead by example. Act as a definitive senior technical mentor for developers and a highly collaborative peer to our existing security team. Champion a culture of security ownership and actively spread security awareness across the entire technical organization. • Act as a Business Enabler: Eradicate the "security as a blocker" mentality. Partner proactively with product and engineering teams to find secure paths to "yes," ensuring our security initiatives accelerate rather than hinder product velocity.

• Establish the GRC Roadmap: Assess our current environment, identify gaps, and design a clear, actionable GRC roadmap aligned with our business goals. You tell us what we are missing and how to fix it. • Act as a Business Enabler: Eradicate the "security as a blocker" mentality. Partner actively with product and engineering teams during the design phases to find secure paths to "yes," ensuring our governance supports business velocity rather than slowing it down. • Lead Framework Implementation: Take full responsibility for managing and maturing our ISO 27001:2022 certification. Drive compliance initiatives for PCI DSS and prepare our posture for NIS2 requirements. • Drive Risk Management: Autonomously select and implement the most appropriate risk management frameworks. Own the risk register, lead risk assessments, and translate complex technical risks into clear business impacts and mitigation strategies. • Design Business-Aligned Governance: Design, write, and enforce information security policies and standards. Actively solicit feedback from engineering and business teams to ensure policies are practical and business-enabling. • Champion Security Culture: Own and evolve our security awareness program. Move us beyond boring, "check-the-box" compliance videos by creating engaging, context-aware training that actually resonates with engineers, product teams, and business operations. • Lead Audits & Compliance: Take the helm on all internal and external security-focused audits, assessments, and reviews. Act as the definitive subject matter expert for regulatory inquiries.

The Mill Adventure is a scale-up with the ultimate mission of building awesome products that will change the way the iGaming industry operates. We started our journey in 2019, with the vision of building a technology driven organisation and creating a team consisting of the best of the best specialists in their respective fields. Today, we provide a complete gaming platform, including licences and operations, for rapid deployment and success in iGaming. Our team of 130+ technology and iGaming experts is guided by passion for invention, operational excellence and commitment to improve the inefficient. We trust and value our team and we strive to accommodate the right working conditions for each individual, in remote, office based or mixed models. We see the strength in being different and embrace the cultural diversity existing in our group. As our business continues to grow, we are expanding our lean, high-impact security team. We are looking for a Senior Security Engineer (AppSec & Offensive) to act as a definitive technical pillar for our organization. We are looking for a highly proactive builder who takes extreme ownership of their domain. Always thinking one step ahead of attackers, you will continuously evaluate our application security posture, identify opportunities for improvement, and autonomously drive the solutions. Your primary mandate will be to own Application Security, DevSecOps, and Offensive Security, while acting as a force multiplier who spreads a strong, pragmatic security culture throughout the engineering organization. What You Will Do: - Own Application & Offensive Security: Drive the application security lifecycle. Lead architecture reviews, conduct deep-dive threat modeling sessions, and perform targeted internal penetration tests and secure code reviews to uncover blind spots early. - Drive DevSecOps Excellence: Architect and deeply integrate security tooling (SAST, DAST, SCA, secrets detection) directly into our CI/CD pipelines. Ensure high-signal alerts, low friction for developers, and seamless automation. - Own Vulnerability Management: Triage, validate, and prioritize application-level vulnerabilities based on actual business context and risk, guiding engineering teams through pragmatic remediation. - Support Cloud & Core IT Security: While AppSec is your primary focus, you will leverage your general working knowledge of AWS security and foundational IT controls (IAM, endpoint, zero-trust) to support the wider security team and ensure holistic coverage. - Be a Role Model & Culture Champion: Lead by example. Act as a definitive senior technical mentor for developers and a highly collaborative peer to our existing security team. Champion a culture of security ownership and actively spread security awareness across the entire technical organization. - Act as a Business Enabler: Eradicate the "security as a blocker" mentality. Partner proactively with product and engineering teams to find secure paths to "yes," ensuring our security initiatives accelerate rather than hinder product velocity.

The Mill Adventure is a scale-up with the ultimate mission of building awesome products that will change the way the iGaming industry operates. We started our journey in 2019, with the vision of building a technology driven organisation and creating a team consisting of the best of the best specialists in their respective fields. Today, we provide a complete gaming platform, including licences and operations, for rapid deployment and success in iGaming. Our team of 130+ technology and iGaming experts is guided by passion for invention, operational excellence and commitment to improve the inefficient. We trust and value our team and we strive to accommodate the right working conditions for each individual, in remote, office based or mixed models. We see the strength in being different and embrace the cultural diversity existing in our group. As our business continues to grow, we are looking for a highly autonomous and experienced Senior / Lead GRC Specialist. In this role, you will not just maintain our GRC function—you will own it. Working closely with our CISO and security engineering team, you will be responsible for defining the road ahead: identifying our gaps, selecting the right frameworks, and taking full responsibility for our governance, risk, and compliance posture. We need a mature professional who knows how to listen to engineering teams, build pragmatic policies, and drive security without being a roadblock. What You Will Do: - Establish the GRC Roadmap: Assess our current environment, identify gaps, and design a clear, actionable GRC roadmap aligned with our business goals. You tell us what we are missing and how to fix it. - Act as a Business Enabler: Eradicate the "security as a blocker" mentality. Partner actively with product and engineering teams during the design phases to find secure paths to "yes," ensuring our governance supports business velocity rather than slowing it down. - Lead Framework Implementation: Take full responsibility for managing and maturing our ISO 27001:2022 certification. Drive compliance initiatives for PCI DSS and prepare our posture for NIS2 requirements. - Drive Risk Management: Autonomously select and implement the most appropriate risk management frameworks. Own the risk register, lead risk assessments, and translate complex technical risks into clear business impacts and mitigation strategies. - Design Business-Aligned Governance: Design, write, and enforce information security policies and standards. Actively solicit feedback from engineering and business teams to ensure policies are practical and business-enabling. - Champion Security Culture: Own and evolve our security awareness program. Move us beyond boring, "check-the-box" compliance videos by creating engaging, context-aware training that actually resonates with engineers, product teams, and business operations. - Lead Audits & Compliance: Take the helm on all internal and external security-focused audits, assessments, and reviews. Act as the definitive subject matter expert for regulatory inquiries.

• Develop gaming platform, contributing with clean and efficient code • Participate in software design and architecture discussions • Identify, prioritize and execute tasks in the software development life cycle • Collaborate with internal teams, vendors, and partners • Automate tasks through appropriate tools and scripting • Review and debug code • Perform validation and verification testing

• Liaise with teams (developers and project managers) to identify system and business requirements • Review requirements, specifications and technical design document to provide timely and meaningful feedback • Develop, apply and optimise the testing process for new and existing products • Create test plans and test cases • Estimate, prioritise, plan and coordinate the testing activities • Identify, document, tract and document encountered bugs • Regression testing • Validate product quality after each release

• Coordinate the delivery of the marketing roadmap initiatives, with a data driven, research-based approach • Work with our marketing agency on PR activities • Collaborate with cross-functional teams, especially Sales, Product Development, and Operations, to drive brand awareness, loyalty, and brand recognition • Execute, and analyze marketing campaigns to promote our platform and services • Increase brand awareness through robust, multi-channel marketing strategies that deliver measurable results • Follow the marketing budget • Stay ahead of industry trends, emerging technologies, and best practices to ensure competitive advantage

• Own and prioritise the backlog for core platform and compliance-driven features • Analyse and translate regulatory requirements into product and technical specifications • Collaborate with Legal and Compliance teams to scope, document, and prioritise changes • Drive delivery of regulation-led initiatives across multiple jurisdictions • Support improvements to core platform features • Communicate regulatory and product updates to internal and external stakeholders • Participate in new market launch projects, ensuring compliance readiness from discovery to go-live, coordinating with internal and external stakeholders • Continuously monitor and update existing markets based on regulatory updates, adapting product features or workflows to ensure compliance continuity

• Take end-to-end ownership of CRM strategy and campaign execution across both brands, ensuring consistent quality, timely delivery, and alignment with brand tone • Plan, build, and optimize multi-channel campaigns (email, onsite, push) with strong attention to structure, clarity, and relevance • Develop CRM strategies focused on automation, personalization, and operational efficiency • Own and refine each brand’s tone of voice based on market-specific player preferences • Analyze campaign performance, customer behavior, and KPIs to iterate and improve • Ensure each campaign’s design, content, and terms are structured clearly and accurately • Align closely with other teams to ensure cohesive messaging • Coordinate loyalty and retention communications, ensuring brand-appropriate strategies • Ensure compliance and regulatory standards are embedded in workflows and communications • Collaborate with Responsible Gaming, Compliance, Customer Support, and other teams when relevant