Principal Consultant, Application Security

At Thales, we know technology has the ability to make our world more secure, sustainable, and inclusive – and that it's all driven by human intelligence.

Because it takes human intelligence to build and power the systems and solutions that people depend on every day. So we stay curious and make space for diverse points of view. We share what we know and we challenge what's possible.

From manufacturing and engineering to cybersecurity and space, we're driving progress in some of the world's most important industries – and working together to build a future we can all trust.

Location - Melbourne or Sydney

OUR BENEFITS

In addition to interesting, engaging opportunities that impact at scale, and ongoing personal and professional development opportunities, Thales Cyber can offer you:

• Competitive remuneration structure
• Hybrid and flexible working options under the Thales Flex program
• Paid parental leave and family support through Parents at Work
• The day off on your birthday each year
• Novated Lease options
• Ongoing personal and professional development opportunities
• Sonder – Wellbeing & Support Partner

ABOUT THALES

Thales delivers cybersecurity products and services that keep people and assets safe, giving organisations confidence in the security of their digital journeys. Our solutions are deployed in 148 countries, helping governments to maintain sovereignty, and organisations to preserve their strategic autonomy.

Thales is a global leader in cybersecurity - no.1 in data security - with 6,000+ experts and developers. We bring trust and resilience to key industries including finance, health, retail and manufacturing, as well as vital sectors such as aerospace, critical infrastructure, defence and space.

YOUR ROLE

As the new Principal Consultant you will spearhead high-impact engagements across hybrid and multi-cloud environments. In this role, you'll lead end-to-end delivery of secure application architectures, API security, DevSecOps integration, and threat protection for major enterprise clients.

You'll act as the technical authority on projects, shaping solutions alongside Cloud and Security Architects, guiding secure designs, and ensuring excellence across WAF, DDoS, API gateways, and secure code pipelines. You'll also mentor engineers, uplift capability, and contribute to pre-sales, practice growth, and stakeholder engagement.

What You'll Do:

• Lead complex application and API security engagements across cloud and hybrid environments
• Own solution quality, delivery outcomes, and technical leadership for major clients
• Design and implement WAF, DDoS, and API security solutions (Cloudflare, Imperva, Azure Front Door, Apigee, AWS/GCP/Azure)
• Embed DevSecOps practices and security tooling into CI/CD pipelines
• Drive automation via IaC (Terraform, Bicep, CloudFormation) and secure deployment patterns
• Mentor AppSec and DevSecOps engineers to uplift capability and delivery consistency
• Engage confidently with technical and executive stakeholders
• Support pre-sales, SoWs, and technical workshops

What You'll Bring:

• Proven Application Security or DevSecOps consulting experience
• Deep experience with WAF, DDoS, API gateways, and secure SDLC
• Strong hands-on capability integrating SAST/DAST/SCA tools into CI/CD
• Cloud-native security expertise across AWS, Azure, or GCP
• Solid understanding of frameworks such as OWASP, Essential Eight, ISO 27001, NIST CSF
• Strong communication and stakeholder engagement skills
• Certifications in cloud or AppSec highly regarded

WE ENCOURAGE YOU TO APPLY

After you have applied, you will receive an email acknowledging your application. We'll then provide a personalised experience for suitable applicants as we progress the selection and assessment process. Prior to being offered employment, you will need to complete pre-employment police and depending on the role type, medical checks as well.

It's easy to dismiss the perfect opportunity if you don't see yourself as the perfect fit. If this role feels right – no matter your background or personal circumstances – please introduce yourself or join our community. We're committed to supporting a diverse workplace, and that starts here.

We're proud to be endorsed by WORK180 as an Employer for All Women, but we know there's always more we can do. We'll continue to foster industry partnerships, employee resource groups (ERGs) and development opportunities to make Thales a genuinely equitable employer, for everyone.

Read more about our WORK180 endorsement.