Application Security Specialist

Overview
Join to apply for the Application Security Specialist role at ASIC.
Locations: Sydney, Melbourne and Brisbane locations.
24 Month Fixed Term position
Salary from $123,444 to $144,386 (depending on experience) + 15.4% superannuation
Applications will close at 11:59pm AEST, Sunday 7 September 2025.
At ASIC, you can be the change that ensures a fair, strong and efficient financial system for the benefit of all Australians.
Contribute to delivering on ASIC's purpose, vision, and strategic priorities to help maintain the integrity of the financial system and protect consumers from harm.
The Team
ASIC's Cyber Security Group delivers a broad range of services across the organisation which include security architecture and design, incident response, and cyber assurance.
We leverage advanced security technologies with a growing emphasis on automation and analytics to help ASIC become a best-in-class regulator for Australia's financial markets.
The Role
As an Application Security Specialist, you will help lead the product security and application security initiatives ensuring that security is integrated into every aspect of the software development lifecycle and deployment processes.
As part of the role, you will also support the cyber assurance function and the delivery of the Cyber Uplift Program of works.
Responsibilities

Collaborate with development teams to design secure solutions and embed security throughout the software development lifecycle (SDLC).
Provide timely guidance on securing applications, APIs, middleware and development pipelines.
Define and guide secure architecture practices across code repositories and project activities.
Support Shift-Left initiatives by integrating security early in the SDLC.
Manage and coordinate penetration testing activities.
Conduct application security testing, including penetration testing, vulnerability scanning and assessments.
Collaborate with engineering teams to perform secure code reviews for applications and cloud infrastructure.
Assist IT teams in analysing and remediating vulnerabilities, design flaws, and configuration weaknesses.
Support the Cyber Assurance team in delivering application security assurance.

About You
The ideal candidate for the Application Security Specialist role at ASIC is a technically skilled and security-focused professional with a strong background in application and product security.
They will be adept at embedding security throughout the software development lifecycle and supporting broader cyber assurance initiatives.
In Addition, You Will Have

Bachelor's degree in Computer Science or a related field, and/or 5+ years of software development experience with demonstrated expertise in application security.
Proven experience securing applications built on modern architectures such as microservices, single-page applications and serverless environments.
Strong knowledge of secure coding practices and mitigation of common vulnerabilities (e.g.
OWASP Top Ten: SQLi, XSS, CSRF).
Familiarity with security testing frameworks and tools such as OWASP ASVS and Snyk.
Experience securing cloud-based and containerised applications, CI/CD pipelines and APIs.
Skilled in developing threat models and facilitating threat modelling workshops with developers and architects.
Proficient in conducting penetration testing, vulnerability scanning, and using tools such as SAST, SCA, DAST and IAST.
Hands-on experience with at least one programming or scripting language (e.g.
Java,.
NET, Python, Java Script).
Experience with web technologies such as Node.js, React JS, Angular JS and JSON.
Hands-on experience conducting penetration testing of web applications to identify security weaknesses is desirable but not essential.

About ASIC
ASIC's remit is one of the broadest of regulators across the world.
ASIC regulates corporations, markets, financial services and consumer credit and monitors and promotes market integrity and consumer protection in the Australian financial system.
Through our enforcement work, we hold to account those who contravene the law, working to achieve strong outcomes that address the greatest consumer and investor harms.
ASIC is committed to a providing a diverse and inclusive workplace where the very best talent in Australia chooses to work.
Indigenous Australians are encouraged to apply as well as applicants from all backgrounds and with different abilities.
We Offer a Range Of Employee Benefits Including

Attractive superannuation
Additional leave entitlements
50/50 hybrid work-from home model
Flexible work arrangements
Assistance for study and professional development

Click here to view ASIC's salary and benefits guide.
To read more about ASIC, you can visit our website or review our Corporate Plan.
To work with us, you need to be an Australian citizen and be prepared to complete an ASIC Suitability and Baseline Assessment.
Seniority level

Mid-Senior level

Employment type

Temporary

Job function

Information Technology

Industries

Government Administration

#J-18808-Ljbffr

---