Find jobs in your area of interest

Application Security Lead

Apply now Job no: 53791276
Brand: Australia Post
Categories: Digital
Work type: Permanent Full Time
State: VIC
Location: Melbourne

You might think you know us, but we’re transforming.  

In this rapidly evolving commercial landscape, we’re changing too. And we’re only getting started.

Australia Post’s strategy involves helping our people, customers and communities build a better future delivering to everyone, everywhere, every day. We have strong opportunities ahead to better connect people as we pivot to a digital world.

What will you be doing?

As an Application Security Lead, you will play a key role leading an application security team and provide expertise through review and testing activities to inform and validate the secure design and development of web, mobile, infrastructure and cloud hosted solutions.

The role interfaces and collaborates with multiple teams and stakeholders to provide application security expertise across the entire development lifecycle, including informing secure solution design, validating the security of applications, infrastructure and services, driving adoption and use of secure SDLC through process improvement, application security tooling adoption and, engaging with business stakeholders, enabling the teams to quickly and securely deliver new and innovative world class solutions.

The Application Security Lead partners and works collaboratively with a variety of senior leaders and stakeholders to deliver secure, well-engineered solutions that meet the Australia Post’s requirements. 

What will your day-day look like?

  • Mentoring team members in best practice around information security standards
  • Ensuring application security is an embedded and critical part of the application delivery lifecycle (including during the early stages of projects) regardless of delivery methodology
  • Performing secure solution design assessments, including technical threat modelling
  • Performing secure code review across a variety of programming languages, as well as penetration testing
  • Contributing to and delivering our strategy for application security tooling, including SCA, SAST, IAST and DAST
  • Automating security testing and processes as part of CI/CD
  • Identifying inherent vulnerabilities and information security risks within systems and applications

What are we looking for?

  • Previous experience leading team of Application Security Specialists and Engineers
  • Strong experience with web application and API security, including whitebox and blackbox penetration testing and secure code reviews
  • Experience and comfort in testing a broad range of technology stacks, including previously unfamiliar ones and yet delivering high quality testing coverage
  • Experience with application architecture and secure solution design, including practical application of threat modelling 
  • Experience with cloud application, architectural and infrastructure patterns, in particular GCP and AWS and web application security practices
  • Hands on experience with application security tooling, including SCA, SAST, IAST and DAST
  • Experience with continuous integration and relevant tools such as GitLab, Bamboo, Jenkins or similar
  • Proven experience working with of agile practices and methodologies
  • Previous experience actively fostering a strong DevSecOps culture and understanding of Continuous Delivery, Continuous Integration, “Infrastructure as code”, and related practices and ideas.

You will be comfortable delivering practical security advice, discussing the nature of security findings and recommending mitigations to a broad range of technical and non-technical stakeholders in both written and verbal formats. You are also driven by innovation and continuous improvement culture.

We believe investing in our people is good business. 

That’s why we have a team dedicated to career coaching and support for our employees. And we know that your life outside of work matters. So while we work hard, we also have a culture that promotes a genuine work/life balance. ​ 

Together, our differences make us stronger. ​ 

With a reach across Australia and beyond, we’re building a workforce that’s as diverse as the communities we serve. Learn more about how we're supporting inclusion at Australia Post, here. If you require adjustments at any stage of the recruitment process, please reach out to the Talent Acquisition Diversity Team at inclusivecareers@auspost.com.au. ​ 

Australia Post welcomes applications from Aboriginal and/or Torres Strait Islanders. Check out this short video to find out how we acknowledge and pay our respects to the Traditional Custodians of the land we operate on.   ​ 

Ready to join the transformation of Australia Post? Click apply, to help shape our tomorrow.  ​

Advertised: AUS Eastern Daylight Time
Applications close: AUS Eastern Daylight Time

Back to search results Apply now Refer a friend

Share this:

| More

Already applied?

Check the progress of your application, or update your details.
Log in

Get regular job alerts

Stay up to date about job opportunities with us

Refine search