Lead Application Security Specialist
About Our Team
We are a forward-thinking organization that values collaboration, innovation and customer satisfaction. We believe in providing opportunities for our employees to grow professionally and personally.
Job Description
We are seeking an experienced Application Security Specialist to lead our application security efforts. In this role, you will develop and implement a comprehensive application security strategy to protect our software development lifecycle (SDLC) and ensure the confidentiality, integrity, and availability of our applications.
You will work closely with cross-functional teams to integrate security into every stage of our SDLC, from design to deployment. This includes establishing and driving the adoption of application security testing frameworks, capabilities, and tooling, as well as providing guidance on secure application design, threat modeling, and risk mitigation for technology stakeholders.
Responsibilities
* Develop and implement a comprehensive application security strategy
* Establish and drive the adoption of application security testing frameworks, capabilities, and tooling
* Provide guidance on secure application design, threat modeling, and risk mitigation
* Scale application security through automation, ensuring security testing is integrated into development pipelines
* Maintain and enhance secure software development guidelines, policies, and best practices
* Oversee and support developers in understanding and remediating security vulnerabilities
* Lead secure coding training initiatives, ensuring development teams are equipped with the latest security knowledge
* Champion security awareness programs and advocate for secure development practices company-wide
Requirements
To be successful in this role, you will require:
* Expertise in SAST, DAST, dependency scanning, and common application security tools
* Deep understanding of security controls, security libraries, and common application security flaws
* Strong knowledge of CI/CD pipeline security integration and automated security testing approaches
* Solid experience with secure software development lifecycle (SDLC) best practices
* Demonstrated ability to identify and address security issues through secure code review
* Hands-on experience with penetration testing methodologies and tools
Benefits
We offer a competitive salary and benefits package, including:
* Flybuysflex | work from anywhere, measured on outcomes
* Two well-being days per year
* Volunteer leave
* Ongoing learning & development programs and opportunities
* My Coles and Wesfarmers team member discount card
* Be Well Programs – Mind/Body/Soul
* Quarterly All Team events
* Hybrid social events
* New starter kit merchandise
What We Offer
We value ways of working that work for everyone and use our different strengths to make us stronger. We work hard to make sure everyone's voice is heard and respected equally, regardless of identity, background, position, ability or lifestyle.
Equal Employment Opportunity
It is a condition of employment that successful applicants undergo a National Police Check prior to commencing.