Our client are looking for an application security specialist, joining a small team working across a large scale Cyber Security Group. The role can be based in Sydney (Hybrid) or remotely, only for Australian Citizens or those holding Permanent Residency. You need to be in Australia.
If you're somebody that can communicate with Developers, knows how to review code or understands how to use the right scanning tools to ensure code is secure then you have the right foundational knowledge for this role.
Our client is an ASX listed household name. We have an excellent track record of placing cyber professionals with them and the feedback has continued to be positive from those that work there.
Some reasons that you may be interest:
- They have had significant investment into new cyber security capability which means lots of new tools and a highly modern technical environment
- They have a structure and company culture that promotes development and long term growth opportunity
- They have genuine flexibility as part of the working arrangement. No mandatory days in the office, but a setup that suits you and your life. This is actually quite rare to see now
As their Appsec specialist, you are working with a small team but across a big scope. They have a great leadership team in place and you will typically be leading project engagements with their guidance.
You’ll be dealing with various project teams, including developers and engineers to champion a security first approach, including workshops and presentations for awareness.
You will be using the relevant tools across SAST and DAST for vulnerability scanning and reporting back to the business project teams on best practice.
You will play a crucial role in the strategy behind securing the Software development lifecycle and the tools and processes involved. Creating a culture of security awareness is essential.
You will have involvement in implementing new security tools into the devops pipeline in a shift left approach, further enhancing the devsecops mentality they are rolling out.
Some experience you may have...
- SAST/DAST vulnerability assessments with tools like SYNK, Checkmarx
- Good knowledge of Devsecops and integrating tools into the CI/CD pipelines
- Strong knowledge of the OWASP top ten
- Security related to cloud-based technologies, especially MS Azure, Google and Amazon AWS
- Solid understanding of core cyber security principles associated with all levels of the OSI stack, including OS, DB, Hypervisor, Application, Cloud, Web Application and e-commerce architectures.
A full Job Description can be provided.
If this sounds like something you want to discuss further, please reach out.
email@example.com or send through an application and I’ll come back to you.
There is no obligation to go forward for the role after our initial chat.
I work with multiple clients in this field, so if this isn’t quite right, we can always keep in touch for future options.