Hey there, Senior AppSec Engineers (/hello). Want to work for a tech company genuinely making moves with funky stuff like predictive AI and automation on steroids? Keen to step into a small, but mighty team with a flat structure? If this is sounding good to you, please, for your sake, keep reading.
Firstly, why might this role and company interest you?
- You’ll earn a salary package (inc. super) around the $190k - $220k mark, aligned with your experience.
- You’ll receive more than the mandated annual leave (25% more, in fact!).
- You’ll be stepping into a flexible environment where Mondays and Fridays are typically worked from home, whereas Tuesdays through Thursdays are used to get the band back together in the office, so to speak.
- On the office side of things, please believe us when we say this is a space you’ll want to be in. Sure, think all the usual, plush mod-cons, but also… basketball, and other novelties? Yup.
- You’ll cop a home office allowance. Spend it on whatever, really. Standup desk? Sure. Ergonomic chair? Why not. Insanely large, curved monitor? Be our guest.
- Free breaky, health & wellness discounts, a very comprehensive EAP, and a boatload more.
- You’ll be working with a Team Lead who’s genuinely one of life’s winners. We understand that’s subjective, but if you gel with intelligent, likeable, empathetic people with senses of humour, this’ll be right up your alley.
What will you be doing in this role? Let’s simplify things. You will be…
- Driving AppSec strategy.
- Improving security maturity.
- Ensuring products built are secure.
Slightly longer version? You’ll be the one working hand-in-hand with an established, cloud-native dev team, driving an application security vision (a shared one, at that). You’ll help to empower the devs to create products which customers trust in. Tackling code reviews? Yup. Implementing security tooling? Uh-huh. Much more stuff? You better believe it!
You’ll also be the one working with external security testing providers, and both ensuring and improving security maturity throughout all stages of product delivery. You’ll also be building systems to ensure more automation across decision making, but not automation for automation’s sake. Be selective. Be critical. Be creative.
What else will you be doing? Creating proofs of concept and building relationships both inside and outside of the business. You’ll detest the phrase “good enough” (good enough is never good enough), and generally, you’ll know how to have a laugh while remaining focused and doing cool work.
That’s a small taste of what you’ll tackle, but know that you’ll be working within a very agile environment. Seriously. This mob get stuff done. They’re not some big, lumbering corporate with a squillion and one tick boxes; they’re fast, they get their hands dirty, and they love it! Here’s hoping you do, too.
What experience or particulars do you need to succeed in this role?
- You’ll need to have good, foundational knowledge in the AppSec arena. For instance, can you explain symmetric and asymmetric encryption? That’s just one example but you get the gist. You’ll need to know this stuff and know it well.
- Secure software engineering must come naturally to you (can you write production level code?), as well as a belief that the number of tools you run does not necessarily equate to how secure you are.
- Familiarity with AWS cloud tech, and Agile/DevOps ways of working will be hugely valuable.
- A robust knowledge of industry cyber security standards will hold you in good stead – ISO27k, PCI-DSS, NIST, OWASP, etc.
- Keeping abreast of security trends, both established and emerging, including the threat landscape and how those threats are countered, would be excellent.
- You’ll need to feel comfortable plying your trade wherever – mobile, web, digital, enterprise-wide, etc.
- You’ll need to be physically based in Melbourne and happy to pop into the office Tue – Thur.
Reach out, say hi, and let’s have a chat about you and your career. Contact me, Michael, directly on mpearman@decipherbureau.com. Please rest assured anything discussed is kept 100% confidential, and only between you and me. I will always respect and honour your privacy.
Decipher Bureau and the clients we partner with are committed to creating a diverse environment and are proud to be equal opportunity employers. All qualified applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.