Join to apply for the
Application Security Lead
role at
Cbus Super Fund 2 days ago Be among the first 25 applicants Join to apply for the
Application Security Lead
role at
Cbus Super Fund Get AI-powered advice on this job and more exclusive features. Direct message the job poster from Cbus Super Fund About Cbus Created by workers, for workers, Cbus Super is one of Australia’s most successful Superannuation funds. For almost four decades we’ve proudly represented those who help shape Australia, hard-working individuals who deserve to make the most of their retirement, no matter the industry. As an award-winning fund we’ve been recognised for the benefits provided to our members and our innovative investment approach. All while staying committed to our member first ethos as a proud Industry Fund. About the Role We’re looking for a passionate and experienced
Application Security (AppSec) Lead
to join our internet-facing software engineering team. This is a unique opportunity to shape the security posture of customer-facing applications and services, working at the intersection of engineering and security. This role combines
hands-on technical expertise
with
strategic leadership, ensuring secure design, development, and deployment of customer-facing systems. This role demands strong subject matter expertise in
enterprise secure development practices, along with the ability to influence and drive process improvements across the organisation. Working across multiple complex projects, the AppSec Lead will engage with a wide range of internal and external stakeholders to ensure alignment with Cbus’ security policies, standards, and control frameworks. Key Accountabilities: Drive threat modeling,
secure coding practices, and security automation. Collaborate with developers to integrate security into CI/CD pipelines and monitor for vulnerabilities in code and dependencies. Collaborate with developers, architects, security engineers, and external vendors to promote secure coding and engineering standards across all stages of development. Partner with security, risk, compliance, and delivery teams to identify, assess, and address cybersecurity risks, ensuring implementation of agreed controls. Conduct and facilitate threat modelling and application-level risk assessments and perform security evaluations on both internal and third-party applications. Elicit and translate key business requirements into actionable security requirements to ensure alignment with Cbus’ security objectives. Define, track, and report on key security metrics to measure application security posture and communicate findings to stakeholders. Provide security training and mentor developers/peers, participate in code reviews, and promote a culture of security awareness. Contribute to secure system architecture design and define cyber and information security requirements for projects and transformation initiatives. Support service transition into Security Services Governance and Ops teams, assist with regulatory compliance activities, and translate technical risks into business impacts. About You You’re a seasoned security professional with a robust
foundation in software engineering
and deep expertise in
application and API security
across web, mobile, and cloud environments. You’re confident leading strategic initiatives,
influencing architecture decisions, and translating complex security concepts into clear, actionable guidance for diverse stakeholders. Whether
driving secure SDLC practices,
shaping threat modelling frameworks, or aligning security with business goals, you’re passionate about building secure, scalable systems that enable innovation and resilience. Your Skills & Experience Extensive Application Security or Software Engineering experience with a security focus. Tertiary qualifications in IT, Software Engineering, Cybersecurity or relevant certifications (CISSP, CCSP, GSSP, GWAPT, etc). Strong understanding of
web application security
(OWASP Top 10, API security, etc.). Strong ability to
conduct threat modelling
and s ecurity assessments of applications
(Web/Mobile/SaaS) is crucial for this role. Experience with
secure SDLC, DevSecOps, and
cloud-native architectures
(AWS, Azure, GCP) Excellent communication and leadership skills. Familiarity with container security and modern development environments. Display strong understanding of Infrastructure as Code (Terraform, CloudFormation, Ansible). Familiarity with CI/CD tools (Jenkins, Azure DevOps) and Agile practices and experience in automating security processes would be advantageous. Knowledge of regulatory requirements (e.g., CPS234, Privacy), awareness of current and emerging cybersecurity threats and ability to assess their potential impact on Cbus’ major stakeholders would be beneficial. Strong communication skills, ability to explain security concepts and issues to business stakeholders. Belong at Cbus We value difference, and embrace people with diverse backgrounds, experiences, gender identities, abilities and thinking styles. We believe that, with diversity of perspectives and experiences, you get better teams and outcomes. We’re looking for people of all genders, races, nationalities, orientations and of all abilities to join us. We’re keen to hear from you If you've read through the requirements of this role and you feel like you haven’t fully met the criteria, we would still encourage you to apply. We're aware of accessibility barriers when it comes to applying for a job and we want to help. If you require assistance with your application, please contact our Talent Acquisition Team via careers@cbussuper.com.au Like to know more about working with Cbus? Listen to some of our videos with members of the Cbus team on our website, cbussuper.com.au/careers Applications Close:
15 September 2025 This is
permanent full-time
position based in
Melbourne. To be considered, all applicants must have working rights in Australia. Agencies, please note: All Cbus vacancies are managed by our internal Talent Acquisition Team. Should external assistance be required we will reach out to our preferred agency partners, Thank you. Seniority level
Seniority level Mid-Senior level Employment type
Employment type Full-time Job function
Job function Information Technology Referrals increase your chances of interviewing at Cbus Super Fund by 2x Get notified about new Application Security Manager jobs in
Melbourne, Victoria, Australia. Security Engineering Manager - Vulnerability Management, Application Security (Remote ANZ)
Melbourne, Victoria, Australia 1 week ago Melbourne, Victoria, Australia 2 weeks ago Senior Consultant SpiderLabs - Penetration Tester (Sydney, Melbourne, Canberra)
Melbourne, Victoria, Australia 3 months ago Melbourne, Victoria, Australia 3 days ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr
📌 Application Security Lead
🏢 Cbus Super Fund
📍 Melbourne