Let’s Set the Scene…
Large-scale platform modernisation program for a well-established digital business. Three-year body of work replacing a legacy back-end system that's been holding the business back. The company's part of a global group collaborating on one shared platform. Australia's navigating complexity, managing security risk, and working with engineering partners based in Europe. This is what you’ll be sinking your teeth into.
What’s In It for You?
- 12-month initial contract, very real scope for ongoing extensions.
- All inc. rate of up to $1200/day.
- Hybrid setup, 3 days per week required in the Melbourne CBD office (Tuesday – Thursday, WFH Mondays and Fridays).
- Start ASAP - role's approved and ready to go.
What You'll Be Doing:
This is interesting from a security standpoint. You'll be standing up new infrastructure, helping to build secure pipelines, assessing code for vulnerabilities, and driving a triage approach to remediation. Security expertise sits here in Melbourne, but the engineering team building the platform is offshore, so you'll be passed their work, identify what's broken or risky, and drive the influence to get it fixed.
You'll be working closely with stakeholders locally and internationally, balancing pragmatism with security rigour. The role may not stay embedded in this one program forever, and could shift to augment other work as the business needs.
What Will Land You an Interview?
- Strong familiarity with NIST frameworks.
- A genuine shift-left lean - hands-on experience with GitHub Advanced Security and/or SAST/DAST/SCA tools, and a solid understanding of pipeline and code vulnerability management. Not just tool integration - actually securing the pipeline.
- Infrastructure experience: AWS, CI/CD, DevSecOps.
- Australian citizenship or PR, no exceptions.
- SABSA, CISSP, or AWS certifications are nice-to-haves, not must-haves.
Want to throw your hat in the ring?
- You have hands-on experience securing business and technology projects, not just narrow technical domains.
- You can go deep on your stated areas of expertise. Not surface level, genuinely deep. You're comfortable being probed on the detail.
- You know when to muck in and fix a problem, and when to escalate it. You don't default to the risk register when the situation calls for rolling up your sleeves.
- You can hold a room. You're confident communicating technical risk to senior stakeholders in plain language and know how to bring non-technical people on the journey.
How to apply…
Your application is completely confidential. Only you and I will know. Want to chat about what you’re looking for? Reach out anytime.
Click APPLY or email me directly at mpearman@decipherbureau.com for an informal, 100% confidential conversation.
We’re committed to diversity and inclusion. All qualified applicants will be considered fairly, regardless of race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.