Application Security Engineer

Ready to make a splash in your career? WaterNSW is seeking an experienced
Application Security Engineer (full-time, permanent)
to join our team.

This is an opportunity to work with an essential organisation creating a more sustainable future for the state.

This role offers the flexibility to work around life, your contribution will be valued, and you'll be supported to build a rewarding career.

Our Perks And Benefits
At WaterNSW, we believe that our employees should be as well taken care of as our rivers, dams, and pipelines, that's why we offer a load of benefits.

• Flexible working.
• Work a 9-day fortnight at Full Pay on the Enterprise Agreement.
• Up to 16 weeks paid parental leave.
• Fertility leave.
• Corporate wear allowance.
• Professional development and educational assistance.
• Access to remote area benefit packaging – based on work location.
• Salary starting from $ 137,125.00 base + 12% super.
• And so much more

What You'll Do

• Embed security into every phase of application development: requirements, design, coding, testing, deployment, and retirement. Work with developers and product owners to enforce secure coding practices.
• Schedule, coordinate, and manage third-party and internal penetration tests. Review reports, validate findings, and ensure timely remediation. Track open issues through to closure.
• Deliver targeted training sessions on secure coding, common vulnerabilities, and tool usage. Provide just-in-time guidance during development sprints.
• Application Security Policies & Standards: Develop, maintain, and enforce application security policies, standards, and checklists in line with best practices such as OWASP and regulatory obligations. Ensure consistency across teams.
• Monitor, React and Compliance: Support incident response when application-level vulnerabilities are exploited. Assist in root cause analysis and post-incident hardening. Provide evidence for audits related to application security controls, testing results, and remediation tracking.

What We Are Looking For

• Tertiary qualifications in computer science, information security, risk management, or a related discipline.
• In-depth understanding of the Secure Software Development Lifecycle (SSDLC) and how to embed security into each phase (requirements, design, coding, testing, deployment, retirement).
• Strong knowledge of common application-level vulnerabilities, including those listed in the OWASP Top 10, and practical strategies to prevent or mitigate them.
• Understanding of DevSecOps principles, including integration of security tools (SAST, DAST, SCA) into CI/CD pipelines.
• Knowledge of secure coding practices across common programming languages (e.g., Java,.NET, Python, ) and frameworks.
• Current NSW Drivers Licence.

How We Will Support You
At WaterNSW, we balance flexibility – and the way we work – with the needs of the business, our teams, and us as individuals.

When it comes to working in an office, we work in a hybrid way. If you're required to be in the field or on site, the benefits of flexibility can be achieved in other ways, such as through a condensed work week.

We are proud to be a WORK180 Endorsed Employer and are committed to providing equal opportunities for women. Visit our WORK180 page to access our benefits and career development opportunities.

More About Our Team / Culture
No matter how or where you work, safety is the number one priority. This means the physical and mental safety of you, your colleagues, and the public.

Who is WaterNSW?
WaterNSW operates the state's dams, capturing and storing water, and then supplying it ready for distribution – for the environment, agriculture, industry and the community. With 41 major dams and hundreds of waterways across the state, we play a vital role at the source of the state's water, delivering two thirds of all water used in NSW.

We're the people taking care of the state's water at the source – capturing, storing, delivering. Find out more at

For more information, please reach out to: Nathan Hollis )

Please note applications for this position will close on 26th November 2025, 5.00pm.

Click for Position Description - Please note this can only be accessed on the WaterNSW Careers Page.

You must have full work rights in Australia to qualify for all positions at WaterNSW.

We are a 2025 Circle Back Initiative Employer – we commit to respond to every applicant.

Privacy and collection of your personal information

If you apply for a position via our website or , WaterNSW may collect your personal information. Please visit WaterNSW's Privacy Page to view the Careers Collection Notice for more information about how WaterNSW collects, uses, and discloses your personal information.

Apply Now