Application Security Specialist

Join to apply for theApplication Security Specialistrole atASIC
1 day ago Be among the first 25 applicants
Join to apply for theApplication Security Specialistrole atASIC
Get AI-powered advice on this job and more exclusive features.
At ASIC, you can be the change that ensures a fair, strong and efficient financial system for the benefit of all Australians.
Contribute to delivering on ASIC's purpose, vision, and strategic priorities to help maintain the integrity of the financial system and protect consumers from harm.
ASIC's Cyber Security Group is seeking a skilled Application Security Specialist to join their Application Security Engineering team to provide ongoing application security support and guidance across the organisation.
Sydney, Melbourne and Brisbane locations
24 Month Fixed Term position
Salary from $123,444 to $144,386 (depending on experience) + 15.4 % superannuation
Applications will close at 11:59pm AEST, Sunday 7 September 2025
The team
ASIC's Cyber Security Group delivers a broad range of services across the organisation which include security architecture and design, incident response, and cyber assurance.
We leverage advanced security technologies with a growing emphasis on automation and analytics to help ASIC become a best-in-class regulator for Australia's financial markets.
The role
As an Application Security Specialist, you will help lead the product security and application security initiatives ensuring that security is integrated into every aspect of the software development lifecycle and deployment processes.
As part of the role, you will also support the cyber assurance function and the delivery of the Cyber Uplift Program of works.
More Specifically, You Will
Collaborate with development teams to design secure solutions and embed security throughout the software development lifecycle (SDLC).
Provide timely guidance on securing applications, APIs, middleware and development pipelines.
Define and guide secure architecture practices across code repositories and project activities.
Support Shift-Left initiatives by integrating security early in the SDLC.
Manage and coordinate penetration testing activities.
Conduct application security testing, including penetration testing, vulnerability scanning and assessments.
Collaborate with engineering teams to perform secure code reviews for applications and cloud infrastructure.
Assist IT teams in analysing and remediating vulnerabilities, design flaws, and configuration weaknesses.
Support the Cyber Assurance team in delivering application security assurance.
About You
The ideal candidate for the Application Security Specialist role at ASIC is a technically skilled and security-focused professional with a strong background in application and product security.
They will be adept at embedding security throughout the software development lifecycle and supporting broader cyber assurance initiatives.
In Addition, You Will Have
Bachelor's degree in Computer Science or a related field, and/or 5+ years of software development experience with demonstrated expertise in application security.
Proven experience securing applications built on modern architectures such as microservices, single-page applications and serverless environments.
Strong knowledge of secure coding practices and mitigation of common vulnerabilities (e.g. OWASP Top Ten: SQLi, XSS, CSRF).
Familiarity with security testing frameworks and tools such as OWASP ASVS and Snyk.
Experience securing cloud-based and containerised applications, CI/CD pipelines and APIs.
Skilled in developing threat models and facilitating threat modelling workshops with developers and architects.
Proficient in conducting penetration testing, vulnerability scanning, and using tools such as SAST, SCA, DAST and IAST.
Hands-on experience with at least one programming or scripting language (e.g. Java, .NET, Python, JavaScript).
Experience with web technologies such as Node.js, ReactJS, AngularJS and JSON.
Hands-on experience conducting penetration testing of web applications to identify security weaknesses is desirable but not essential.
Click 'apply' to start your application.
Applications will close at 11:59pm AEST, Sunday 7 September 2025.
About ASIC
ASIC's remit is one of the broadest of regulators across the world.
ASIC regulates corporations, markets, financial services and consumer credit and monitors and promotes market integrity and consumer protection in the Australian financial system.
Through our enforcement work, we hold to account those who contravene the law, working to achieve strong outcomes that address the greatest consumer and investor harms.
ASIC is committed to a providing a diverse and inclusive workplace where the very best talent in Australia chooses to work.
Indigenous Australians are encouraged to apply as well as applicants from all backgrounds and with different abilities.
We Offer a Range Of Employee Benefits Including
Attractive superannuation
Additional leave entitlements
50/50 hybrid work-from home model
Flexible work arrangements
Assistance for study and professional development
Click here to view ASIC's salary and benefits guide.
To read more about ASIC, you can visit our website or review our Corporate Plan.
To work with us, you need to be an Australian citizen and be prepared to complete an ASIC Suitability and Baseline Assessment.
Seniority level
Seniority level
Mid-Senior level
Employment type
Employment type
Temporary
Job function
Job function
Information Technology
Industries
Government Administration
Referrals increase your chances of interviewing at ASIC by 2x
Sign in to set job alerts for "Application Security Specialist" roles.
We're unlocking community knowledge in a new way.
Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr