Application Security Specialist

ASIC Adelaide, South Australia, Australia.
At ASIC, you can be the change that ensures a fair, strong and efficient financial system for the benefit of all Australians.
Contribute to delivering on ASIC's purpose, vision, and strategic priorities to help maintain the integrity of the financial system and protect consumers from harm.
ASIC's Cyber Security Group is seeking a skilled Application Security Specialist to join their Application Security Engineering team to provide ongoing application security support and guidance across the organisation.
Salary and terms: Salary from$123,444to$144,386(depending on experience) + 15.4 % superannuation.
Locations: Sydney, Melbourne and Brisbane.
24 Month Fixed Term position.
Applications close at 11:59pm AEST, Sunday 7 September 2025.
The Team
ASIC's Cyber Security Group delivers a broad range of services across the organisation including security architecture and design, incident response, and cyber assurance.
We leverage advanced security technologies with a growing emphasis on automation and analytics to help ASIC become a best-in-class regulator for Australia\'s financial markets.
The Role
As an Application Security Specialist, you will help lead the product security and application security initiatives ensuring that security is integrated into every aspect of the software development lifecycle and deployment processes.
You will also support the cyber assurance function and the delivery of the Cyber Uplift Program of works.
More Specifically, You Will
Collaborate with development teams to design secure solutions and embed security throughout the software development lifecycle (SDLC).
Provide timely guidance on securing applications, APIs, middleware and development pipelines.
Define and guide secure architecture practices across code repositories and project activities.
Support Shift-Left initiatives by integrating security early in the SDLC.
Manage and coordinate penetration testing activities.
Conduct application security testing, including penetration testing, vulnerability scanning and assessments.
Collaborate with engineering teams to perform secure code reviews for applications and cloud infrastructure.
Assist IT teams in analysing and remediating vulnerabilities, design flaws, and configuration weaknesses.
Support the Cyber Assurance team in delivering application security assurance.
About You
The ideal candidate for the Application Security Specialist role at ASIC is a technically skilled and security-focused professional with a strong background in application and product security.
They will be adept at embedding security throughout the software development lifecycle and supporting broader cyber assurance initiatives.
In Addition, You Will Have
Bachelor's degree in Computer Science or a related field, and/or 5+ years of software development experience with demonstrated expertise in application security.
Proven experience securing applications built on modern architectures such as microservices, single-page applications and serverless environments.
Strong knowledge of secure coding practices and mitigation of common vulnerabilities (e.g. OWASP Top Ten: SQLi, XSS, CSRF).
Familiarity with security testing frameworks and tools such as OWASP ASVS and Snyk.
Experience securing cloud-based and containerised applications, CI/CD pipelines and APIs.
Skilled in developing threat models and facilitating threat modelling workshops with developers and architects.
Proficient in conducting penetration testing, vulnerability scanning, and using tools such as SAST, SCA, DAST and IAST.
Hands-on experience with at least one programming or scripting language (e.g. Java, .NET, Python, JavaScript).
Experience with web technologies such as Node.js, ReactJS, AngularJS and JSON.
Hands-on experience conducting penetration testing of web applications to identify security weaknesses is desirable but not essential.
Application Process
Click 'apply' to start your application.
Applications will close at 11:59pm AEST, Sunday 7 September 2025.
About ASIC
ASIC's remit is one of the broadest of regulators across the world.
ASIC regulates corporations, markets, financial services and consumer credit and monitors and promotes market integrity and consumer protection in the Australian financial system.
Through our enforcement work, we hold to account those who contravene the law, working to achieve strong outcomes that address the greatest consumer and investor harms.
ASIC is committed to a providing a diverse and inclusive workplace where the very best talent in Australia chooses to work.
Indigenous Australians are encouraged to apply as well as applicants from all backgrounds and with different abilities.
We Offer a Range Of Employee Benefits Including
Attractive superannuation
Additional leave entitlements
50/50 hybrid work-from home model
Flexible work arrangements
Assistance for study and professional development
To work with us, you need to be an Australian citizen and be prepared to complete an ASIC Suitability and Baseline Assessment.
#J-18808-Ljbffr