Application Security Lead

3 days ago


Melbourne, Victoria, Australia Cbus Super Fund Full time

Join to apply for the Application Security Lead role at Cbus Super Fund

2 days ago Be among the first 25 applicants

Join to apply for the Application Security Lead role at Cbus Super Fund

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from Cbus Super Fund

About Cbus

Created by workers, for workers, Cbus Super is one of Australia's most successful Superannuation funds. For almost four decades we've proudly represented those who help shape Australia, hard-working individuals who deserve to make the most of their retirement, no matter the industry. As an award-winning fund we've been recognised for the benefits provided to our members and our innovative investment approach. All while staying committed to our member first ethos as a proud Industry Fund.

About the Role

We're looking for a passionate and experienced Application Security (AppSec) Lead to join our internet-facing software engineering team. This is a unique opportunity to shape the security posture of customer-facing applications and services, working at the intersection of engineering and security. This role combines hands-on technical expertise with strategic leadership, ensuring secure design, development, and deployment of customer-facing systems.

This role demands strong subject matter expertise in enterprise secure development practices, along with the ability to influence and drive process improvements across the organisation. Working across multiple complex projects, the AppSec Lead will engage with a wide range of internal and external stakeholders to ensure alignment with Cbus' security policies, standards, and control frameworks.

Key Accountabilities:

  • Drive threat modeling, secure coding practices, and security automation.
  • Collaborate with developers to integrate security into CI/CD pipelines and monitor for vulnerabilities in code and dependencies.
  • Collaborate with developers, architects, security engineers, and external vendors to promote secure coding and engineering standards across all stages of development.
  • Partner with security, risk, compliance, and delivery teams to identify, assess, and address cybersecurity risks, ensuring implementation of agreed controls.
  • Conduct and facilitate threat modelling and application-level risk assessments and perform security evaluations on both internal and third-party applications.
  • Elicit and translate key business requirements into actionable security requirements to ensure alignment with Cbus' security objectives.
  • Define, track, and report on key security metrics to measure application security posture and communicate findings to stakeholders.
  • Provide security training and mentor developers/peers, participate in code reviews, and promote a culture of security awareness.
  • Contribute to secure system architecture design and define cyber and information security requirements for projects and transformation initiatives.
  • Support service transition into Security Services Governance and Ops teams, assist with regulatory compliance activities, and translate technical risks into business impacts.

About You

You're a seasoned security professional with a strong foundation in software engineering and deep expertise in application and API security across web, mobile, and cloud environments. You're confident leading strategic initiatives, influencing architecture decisions, and translating complex security concepts into clear, actionable guidance for diverse stakeholders. Whether driving secure SDLC practices, shaping threat modelling frameworks, or aligning security with business goals, you're passionate about building secure, scalable systems that enable innovation and resilience.

Your Skills & Experience

  • Extensive Application Security or Software Engineering experience with a security focus. Tertiary qualifications in IT, Software Engineering, Cybersecurity or relevant certifications (CISSP, CCSP, GSSP, GWAPT, etc).
  • Strong understanding of web application security (OWASP Top 10, API security, etc.).
  • Strong ability to conduct threat modelling and security assessments of applications (Web/Mobile/SaaS) is crucial for this role.
  • Experience with secure SDLC, DevSecOps, and cloud-native architectures (AWS, Azure, GCP)
  • Excellent communication and leadership skills.
  • Familiarity with container security and modern development environments.
  • Display strong understanding of Infrastructure as Code (Terraform, CloudFormation, Ansible).
  • Familiarity with CI/CD tools (Jenkins, Azure DevOps) and Agile practices and experience in automating security processes would be advantageous.
  • Knowledge of regulatory requirements (e.g., CPS234, Privacy), awareness of current and emerging cybersecurity threats and ability to assess their potential impact on Cbus' major stakeholders would be beneficial.
  • Strong communication skills, ability to explain security concepts and issues to business stakeholders.

Belong at Cbus

We value difference, and embrace people with diverse backgrounds, experiences, gender identities, abilities and thinking styles. We believe that, with diversity of perspectives and experiences, you get better teams and outcomes. We're looking for people of all genders, races, nationalities, orientations and of all abilities to join us.

We're keen to hear from you

If you've read through the requirements of this role and you feel like you haven't fully met the criteria, we would still encourage you to apply. We're aware of accessibility barriers when it comes to applying for a job and we want to help. If you require assistance with your application, please contact our Talent Acquisition Team via

Like to know more about working with Cbus? Listen to some of our videos with members of the Cbus team on our website,

Applications Close: 15 September 2025

This is permanent full-time position based in Melbourne. To be considered, all applicants must have working rights in Australia.

Agencies, please note: All Cbus vacancies are managed by our internal Talent Acquisition Team. Should external assistance be required we will reach out to our preferred agency partners, Thank you.

Seniority level
  • Seniority levelMid-Senior level
Employment type
  • Employment typeFull-time
Job function
  • Job functionInformation Technology

Referrals increase your chances of interviewing at Cbus Super Fund by 2x

Get notified about new Application Security Manager jobs in Melbourne, Victoria, Australia.

Security Engineering Manager - Vulnerability Management, Application Security (Remote ANZ)

Melbourne, Victoria, Australia 1 week ago

Melbourne, Victoria, Australia 2 weeks ago

Senior Consultant SpiderLabs - Penetration Tester (Sydney, Melbourne, Canberra)

Melbourne, Victoria, Australia 3 months ago

Melbourne, Victoria, Australia 3 days ago

We're unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

  • Melbourne, Victoria, Australia Cbus Super Fund Full time

    Join to apply for the Application Security Lead role at Cbus Super Fund2 days ago Be among the first 25 applicantsJoin to apply for the Application Security Lead role at Cbus Super FundGet AI-powered advice on this job and more exclusive features.Direct message the job poster from Cbus Super FundAbout CbusCreated by workers, for workers, Cbus Super is one of...


  • Melbourne, Victoria, Australia beBeeApplicationSecurity Full time $135,000 - $185,000

    Lead Application Security SpecialistThis is a unique opportunity to shape the security posture of customer-facing applications and services, working at the intersection of engineering and security.The role combines hands-on technical expertise with strategic leadership, ensuring secure design, development, and deployment of customer-facing systems.Key...


  • Melbourne, Victoria, Australia beBeeSecurity Full time $100,400 - $143,911

    Application Security LeadThe Cbus Super Fund is seeking a passionate and experienced Application Security Lead to join our internet-facing software engineering team. This role combines hands-on technical expertise with strategic leadership, ensuring secure design, development, and deployment of customer-facing systems.This role demands strong subject matter...

  • Security Officer

    2 days ago


    Melbourne, Victoria, Australia Mss Security Pty Full time

    Security Officer - Control Room page is loadedSecurity Officer - Control RoomApply locations Victoria time type Casual posted on Posted 8 Days Ago time left to apply End Date: September 18, 2025 (20 days left to apply) job requisition id JR5393About the CompanyAs one of Australia's leading security companies, MSS Security is built on teamwork, respect, and...


  • Melbourne, Victoria, Australia beBeeLeadership Full time $200,000 - $250,000

    Job OverviewAs a seasoned Team Lead, you will play a pivotal role in shaping the direction of our Application Security initiatives. Your expertise and leadership skills will be instrumental in driving the successful execution of these programs.Key Responsibilities:Lead high-performing teams to deliver high-quality software in fast-paced...

  • Security Officer

    2 days ago


    Melbourne, Victoria, Australia Mss Security Pty Full time

    Security Officer - Control Room page is loadedSecurity Officer - Control RoomApply locations Victoria time type Casual posted on Posted 8 Days Ago time left to apply End Date: September 18, 2025 (20 days left to apply) job requisition id JR5393About the CompanyAs one of Australia's leading security companies, MSS Security is built on teamwork, respect, and...


  • Melbourne, Victoria, Australia beBeeApplication Full time

    Job DescriptionThis is a unique opportunity to shape the security posture of customer-facing applications and services, working at the intersection of engineering and security. This role combines hands-on technical expertise with strategic leadership, ensuring secure design, development, and deployment of customer-facing systems.This role demands strong...


  • Melbourne, Victoria, Australia Airwallex Full time

    Join to apply for the Senior Application Security Engineer role at AirwallexJoin to apply for the Senior Application Security Engineer role at AirwallexAbout AirwallexAirwallex is the only unified payments and financial platform for global businesses. Powered by our unique combination of proprietary infrastructure and software, we empower over 150,000...


  • Melbourne, Victoria, Australia Airwallex Full time

    About AirwallexAirwallex is the only unified payments and financial platform for global businesses. Powered by our unique combination of proprietary infrastructure and software, we empower over 100,000 businesses worldwide – including Brex, Rippling, Navan, Qantas, SHEIN and many more – with fully integrated solutions to manage everything from business...


  • Melbourne, Victoria, Australia Airwallex Full time

    About AirwallexAirwallex is the only unified payments and financial platform for global businesses. Powered by our unique combination of proprietary infrastructure and software, we empower over 100,000 businesses worldwide – including Brex, Rippling, Navan, Qantas, SHEIN and many more – with fully integrated solutions to manage everything from business...