Security Consultant, Application Security

Overview
Join to apply for the
Security Consultant, Application Security
role at
CyberCX
.
The world is full of wicked problems to solve.
That's why we need you. The challenge of finding vulnerabilities that no one else has found is what gets you out of bed each morning. You're at your best when using your skills to solve problems that tackle the most critical challenges facing Australian enterprises and governments today. You bring your whole self to work, because checking your personality at the door isn't for you. We are open to candidates located in any Australian capital city.
The work we do matters
We protect and defend our customers and communities by providing the widest range of cyber security professional services in the region. With more than 1,400 team members across Australia, New Zealand, the UK and US, we are a leading force in cyber security, offering services from strategy, GRC, managed security services, cloud security, digital forensics and cyber education. If you're ready to work with teammates that get you, a leader that supports you and customers that need you, then you're ready for CyberCX.
Unimagined opportunity with our Security Testing & Assurance team
On our team, you get access to an unmatched range of customers, work on unique projects and do it while working alongside some of the best in the industry. Join our innovative team based across Australia & New Zealand, where we collaborate with organisations to build and maintain secure applications. A unique opportunity to be at the forefront of safeguarding critical systems and data across diverse sectors, while collaborating with top-notch professionals. We celebrate our craft (think Hack of the Month), share our discoveries (internal conferences where we share our research) and you've probably seen our team at local meet ups and cons because we support and encourage them to get involved.
What This Role Involves
Deliver a wide range of Application Security services, including but not limited to secure code reviews, software assurance maturity model reviews, threat modelling, DevOps security reviews and tooling integrations, secure standards documentation and general AppSec consulting services.
Day to day you will:
Deliver Application Security services such as threat modelling, Secure SDLC reviews and secure development training to organisations
Build out and promote strong, long-lasting relationships with a diverse range of customers, and identify and explore opportunities within existing and new customers.
Act as a subject matter expert and technical leader both within STA and externally across practice for Application Security services.
Prepare high quality reports detailing security issues, making recommendations, and identifying solutions, and lead presentations and discussions with customers around Application Security work performed, key results, strategies, processes recommendations and next steps/roadmap to success
Ensure that KPIs around client expectation management, delivery deadlines, quality of work and deliverables etc are met, including maintaining visibility of project budget vs actual delivery time and flowing up deviations.
Assist with the development of standardised methodologies, identifying and building tools, and improve processes
Skills and experience
Please note that due to the nature of this role, it is a mandatory requirement that all applicants are Australian citizens or permanent residents.
1+ years of experience in relevant areas such as application security, product security, penetration testing, DevOps and/or software development, including but not limited to the following:
Conducting threat modelling exercises and design reviews
Building, supporting and implementing automated security testing tools
Implementing DevSecOps processes and managing CI/CD pipelines
Conducting secure code reviews for various languages and frameworks
Performing Secure SDLC and Secure DevOps reviews against industry standards such as OWASP SAMM and NIST SSDF
Experience with containerisation and Infrastructure as Code (IaC)
Interested but don't meet every item listed above? If you're excited about this role but your experience doesn't align precisely, please still apply. You could be just the right person for this role and CyberCX.
Benefits
Flexible working in a hybrid arrangement (a blend of office and WFH) with modern and comfortable workplaces that accommodate different working styles
Salary packaging options (such as a novated car lease)
Health & Wellbeing program including access to our employee assistance service, mental wellness leave, online CyberCX Wellbeing Centre and workplace mental health first aiders
Discounts on health insurance and gym membership plus savings on everyday groceries, electronics, technology, fuel, travel and more
Personalised development planning, access to training and membership to industry organisations
Employee interest groups and communities including a comprehensive Women in Cyber program
Be yourself.
We embrace diverse perspectives, experiences, and backgrounds. Please let us know if you require additional support or adjustments to assist with your recruitment experience.
Where appropriate, the CCX Talent Team will work with our preferred panel of agencies. Fees will not be paid for unsolicited resumes that are submitted directly to hiring managers and not through our approved process.
Seniority level
Entry level
Employment type
Full-time
Job function
Information Technology
Industries
Computer and Network Security
Referrals increase your chances of interviewing at CyberCX by 2x
Get notified about new Application Security Consultant jobs in Australia.
We're unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr