What's the role?
This role is part of the broader Vulnerability Management Services (VMS) uplift, focusing on integrating Cloud- and API-based scanning and automation capabilities into the CPC VMS platform. The initiative supports risk-based vulnerability prioritisation, external attack surface management, and compliance monitoring across Westpac's enterprise environments.
Deliver API integration and automation for vulnerability scanning and remediation workflows within the CPC VMS team. The role ensures secure, scalable, and efficient API-driven processes that align with Westpac's security standards and regulatory obligations while driving the growth into Cloud.
Key Responsibilities:
• API Development & Integration:
* Design, build, and maintain secure APIs for VMS workflows (e.g., Tenable, Noname API Security, and related platforms).
* Implement automated data ingestion and reporting pipelines for vulnerability data into platforms like Palantir and ServiceNow.
• Security Engineering:
* Apply DevSecOps principles to integrate API solutions into CI/CD pipelines (Jenkins/GitLab).
* Ensure compliance with SOX controls and Westpac security policies.
• Operational Support:
* Maintain authenticated scan coverage and resolve API-related issues impacting vulnerability scanning.
* Collaborate with CPC and ISG teams to onboard new platforms and services into API-enabled scanning scope.
• Continuous Improvement:
* Optimise API performance and security posture.
* Contribute to roadmap initiatives such as Risk Based Automated Vulnerability Prioritisation (RBAV) and Cloud Configuration Control Verification Service (CCCSV).
What do I need?
* Strong proficiency in Python and API development (RESTful services).
* Extensive experience working within Westpac Mesh API Ecosystem.
* Hands-on experience with Tenable Security Center, Nessus, and vulnerability scanning tools.
* Knowledge of CI/CD orchestration (Jenkins, GitLab) and secure coding practices.
* Familiarity with ServiceNow, BPIV procedures, and Westpac Change Management processes.
* Solid understanding of network security (Firewalls, WAF) and authentication protocols (LDAP, AD).
* Deep understanding of Westpac Cloud ELZ (AWS and Azure) and Westpac Container ecosystem (OpenShift and ELZ Cloud).
* Experience with Westpac Architecture, SBD, and wider Security Portfolio.
Why join us?
We're obsessed with becoming our customers' #1 banking partner for life and we're looking for people who are passionate about helping us achieve that goal. In return, we're committed to making Westpac the best place to work in the country. Here are just a few of the ways we're already doing that:
* Special offers on banking products and discounts from top brands, including generous employee-only mortgage rates
* Flexible work arrangements to help you achieve a greater work/life balance, and a variety of leave options including Culture, Lifestyle and Wellbeing leave.
* Tailored learning and development opportunities to help you grow your career within the bank.
* Lots of opportunities to 'give back' to the Community by getting involved in our many volunteering initiatives.
Create your future today
To get started, simply click on the APPLY or APPLY NOW button
We're all about creating a supportive and inclusive community. We welcome everyone – no matter your age, gender, background, or abilities. We also provide additional support to welcome our veterans, Indigenous Australians and neurodiverse community.
If you need any adjustments during the recruitment process, you can find out more information and additional contact details by visiting the "People with Disability and/or needing Accessibility Requirements" page on our website.