Application Security Engineer
4 weeks ago
Company Description
Welcome to This Australian Life.
From the millions of Australians we protect, to those that make it happen every day at TAL, people really are what we’re all about. We want to grow with you. Achieve with you. And support you to do your best work. That's why we're focused on developing leadership, promoting diversity, rewarding excellence and retaining great talent.
We're always looking for people who want to go further with us. People who do what’s right, aim high, and work smart. Why not see where we can go?
Job Description
Team Overview:
The AppSec Team focuses on building secure mobile, web and cloud applications throughout their development lifecycle, from start to finish. AppSec is a proactive approach to security that help prevents threats at the initial stages rather than a reactive approach.
As an Application Security Engineer at TAL, you will be responsible for ensuring the security of our applications by implementing and maintaining robust security measures at TAL. You will work closely with development teams to identify and mitigate security vulnerabilities throughout the software development lifecycle. You will also foster security awareness and DevSecOps culture, providing security training to development teams.
Key Responsibilities:
- Ascertain a holistic understanding of TAL’s systems, development workloads and lifecycles.
- Create and update software application security policies and procedures.
- Work closely with the TAL Cyber team to implement security best practices and standards to protect sensitive data and ensure compliance with regulations.
- Collaborate with development teams to integrate security controls into the software development process.
- Conduct security assessments on applications to identify and remediate vulnerabilities.
- Drive response to security incidents, conducting root cause analysis and implementing corrective actions.
- Analyse application code and recommend solutions to identified security issues.
- Execute planned and ad-hoc security scans of software applications, and interpret results for development teams.
- Maintain documentation related to application security processes and controls.
- Providing application security guidance, coaching, and training to development teams and other stakeholders.
- Ensuring the adoption and implementation of application security tools in the DevSecOps lifecycle.
- Gather, manipulate and report on data from application security tools programmatically.
- Work with vendors to tailor application security tools to fit TAL workloads.
- Stay up-to-date on the latest security threats and trends to proactively address potential risks and educate development teams.
Qualifications
- 5-10 years of experience in application security, with a strong background in secure coding practices and vulnerability management.
- Proficiency in using Static Application Security Testing (SAST) such as Checkmarx, Fortify etc, Software Composition Analysis (SCA) such as Blackduck, Snyk, Sonatype etc, and Dynamic Application Security Testing (DAST) tools.
- Working knowledge of platforms like AWS, Azure, or Google Cloud for deploying and managing applications.
- Familiarity with containerisation and Azure Kubernetes Service (AKS) deployment
- Demonstrated secure software development practices, including threat modelling, secure coding guidelines, and secure architecture design.
- Knowledge of common web application vulnerabilities (e.g., OWASP Top 10) and how to remediate them.
- A strong knowledge of programming languages, such as .NET and JavaScript.
- Experience in automating tasks using a scripting language, such as JavaScript, Python and/or Powershell
- Understanding of how to implement SAST/SCA/DAST into DevOps CI/CD pipelines.
- Experience with Agile development methodologies, with working knowledge in project management software (e.g. Jira).
- Ability to effectively collaborate with external vendors, multiple internal stakeholders, and senior management across departments.
- A proven track record of working with development teams to remediate application vulnerabilities.
- A high level of analytical, problem-solving, and decision-making skills.
- Excellent written and verbal communication skills, interpersonal and collaborative skills.
- Penetration testing experience preferred but not mandatory.
Certifications such as CISSP, CEH, or CSSLP are preferred but not mandatory
Additional Information
At TAL we value diversity in all its forms and are committed to fostering an inclusive and equitable culture for all our people. We encourage Aboriginal and Torres Strait Islander people, individuals from all backgrounds, including those with caring responsibilities, people living with disability, and individuals from the CALD and LGBTQI+ communities to apply. Even if you don’t check every box in the criteria above, we encourage you to apply today or get in touch with us here.
To provide you with the best experience, we can accommodate you at any stage of the recruitment process. Simply inform our Recruitment team at any time.
TAL is recognised by the Workplace Gender Equality Agency as an Employer of Choice. We are proud to be a member of Diversity Council Australia and the Australian Network on Disability. For information on our reconciliation journey, take a look at our Innovate Reconciliation Action Plan.
We acknowledge the Traditional Custodians of the Land in which our Head Office is based, the land of the Gadigal people of the Eora Nation, and recognise their deep connections to the land, sea, and culture.
We extend this acknowledgment to the many Traditional Lands that we operate across and pay our respects to Elders past, present, and emerging.
Everyone at TAL has a responsibility to do the right thing and is accountable for the way they conduct themselves. Our expectations are that you follow the principles set out in our Code of Conduct when you come to work every day. Risk management is everyone’s responsibility.
If you are already a TAL employee please apply via the SmartRecruiters button in Workday and navigate to the Employee Portal. This is important to ensure that your application is recorded accurately.
-
Security Guard
4 weeks ago
Melbourne, Australia SSS Security Full timeSECURITY GUARD REQUIRED!!! Easy work and not much experience required! You will be working in a great environment. The position requires the applicant to work flexible hours and has a huge chance possibility that it will turn out to be a regular job, Please ring George if you are interested at 0418-369-200. - REQUIREMENTS: MUST HAVE ABN. - MUST HAVE...
-
Security Engineer
3 weeks ago
Melbourne, Australia Australia and New Zealand Banking Group Limited (ANZ) Full timeSecurity Engineer Security Engineer Req ID: Department: Tech Security Advisory & Engineering Division: Technology Location: Melbourne About the roleRole Location: Melbourne Role Type: 12 Month Fixed Term Contract At ANZ our purpose is to shape a world where people and communities thrive. We’re making this happen by improving our customers’ financial...
-
Security Project Engineer
4 weeks ago
Melbourne, Australia Australia Wide Engineering Recruitment Full timeSecurity Project Engineer (Building Security)The Company: My client is an international service-based system integrator who has been around for >20 years and they design, install and service security, fire alarm, life safety, AV and building automation solutions.About The Role:In this role the successful candidate will have overall responsibility for the...
-
Security Guard
4 weeks ago
Melbourne, Australia BlackTears AUS Security Full timeAre you a motivated individual with a strong sense of responsibility and a passion for security? If so, we want you to join our team! We are currently seeking talented security professionals to work full-time or part-time in a variety of roles. Applicants must be available to work on weekends as our business operates seven days a week. **Role...
-
Security Guard
4 weeks ago
Melbourne, Australia BlackTears AUS Security Full timeAre you a motivated individual with a strong sense of responsibility and a passion for security? If so, we want you to join our team! We are currently seeking talented security professionals to work full-time or part-time in a variety of roles. Applicants must be available to work on weekends as our business operates seven days a week. **Role...
-
Jobs – Security Engineering Senior Engineer
3 weeks ago
Melbourne, Victoria, Australia Telstra Full timeJob Description:As a Security Engineering Senior Engineer, you will provide specialist design, development and deployment of security platforms and solutions for Telstra within Network Security Infrastructure team.The role will be part of a highly skilled, virtual group of technical resources to deliver solutions and platforms used to protect Telstra's...
-
Security System Installer and IT Technician
4 weeks ago
Port Melbourne, Australia Brave Security Full time**Security Technician** We are a small business installing high end access control, CCTV, alarm and intercom systems servicing our customers all over Victoria and on occasion Australia. We seek a 'hands-on' energetic Security Service professional experienced with Security technologies. You will enjoy working in a team and alone. You will be responsible for...
-
Technical Program Manager
1 month ago
Melbourne, Australia Microsoft Full timeOverview Azure Networking operates one of the largest networks in the world! Our Application Delivery product suite comprises of Azure Content Delivery Network (CDN), Azure Front Door, Azure Application Gateway and Azure Web Application Firewall (WAF) products, focused on solving performance, reliability and scale needs for the largest internal...
-
Microsoft Engineer
1 month ago
Melbourne, Australia ignite Full timeContract to June 2024 Federal Government Department Melbourne location Looking to join one of Australia’s most integral federal government departments ? This department helps to make life of all Australians better and is looking for a Microsoft Engineer / Application Packager Working in Melbourne office, you will be involved in s...
-
Melbourne, Australia Advent Security Full time**About the Business** Advent Security Services operate on a national scale and offer our employees job security, opportunities for career progression and continual training and development. With a large client base, including retail, logistics and corporate sites, we can provide you with stability and variety in your role. **About the Role** We are...
-
Melbourne, Australia Microsoft Full timeOverview Azure Networking operates one of the largest networks in the world! Our Application Delivery product suite comprises of Azure Content Delivery Network (CDN), Azure Front Door, Azure Application Gateway and Azure Web Application Firewall (WAF) products, focused on solving performance, reliability and scale needs for the largest internal...
-
Melbourne, Australia Axiom Technologies Full timeAxiom Technologies is an Australia-based entity with a history of providing Managed IT solutions to medium to large-scale enterprises globally. Please visit our website for more information about what we do at www.axiomtechnologies.com We are looking for a capable resource to coordinate ranging from simple activities to more complex plans. About the...
-
Telstra Jobs
1 month ago
Melbourne, Australia Telstra Full timeJob Description: As a Security Engineering Senior Engineer, you will provide specialist design, development and deployment of security platforms and solutions for Telstra within Network Security Infrastructure team. The role will be part of a highly skilled, virtual group of technical resources to deliver solutions and platforms used to protect Telstra’s...
-
Senior Cyber Security Engineer
1 month ago
Melbourne, Australia ignite Full timeOur client – a government owned organization that provides services to the aviation industry, is looking to hire Senior Cyber Security Engineer in Melbourne CBD. Reporting to the Technology Team Lead , you will be responsible for the technical performance, sustainment, and enhancements of one or more operational software-based airways systems,...
-
Cloud Support Engineer
4 weeks ago
Melbourne, Australia Amazon Full timeDESCRIPTIONAs a Cloud Support Engineer you will learn at an accelerated pace how to use and leverage many different cloud technologies to help our customers succeed. You will act as the Cloud Ambassador across AWS products, providing our customers with required tools and tactics to scale their impact in world-wide markets.The Security role supports our...
-
Sr. Product Security Engineer, Investigations
2 weeks ago
Melbourne, Australia CrowdStrike Australia Pty Limited Full time#WeAreCrowdStrike and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We’re looking for people with limitless passion, a relentless focus on innovation and a...
-
Web Application Firewall Manager
1 month ago
Melbourne, Australia Deloitte Full timeJob Requisition ID: 35718 Work in a highly innovative and transformative business Mentoring, growth and training – receive support and coaching to progress your career Preventive and supportive mental health initiatives Deloitte Global is the engine of the Deloitte network. Our professionals reach across disciplines and borders to...
-
Application Security Consultant
4 weeks ago
Melbourne, Australia Wipro Shelde Full time**ABOUT US** Wipro Shelde Australia is a sovereign cybersecurity offering for the Australian market based on the philosophy of defending organisations against modern-day threats while enabling business growth. Our local team of 200+ CyberSecurists work with clients across different industry sectors to manage enterprise risks pertaining to privacy, ESG,...
-
Systems Engineer
4 weeks ago
Melbourne, Australia Logicalis Australia Pty Ltd Full timeJoin us for an enriching journey with our client, a leading British-based confederation of independent NGOs, united in the mission to eradicate global poverty since 1995. We are offering a unique part-time, fixed-term opportunity for a Systems Engineer, working four days a week over six months, with the potential to extend your engagement to a full year....
-
Systems Engineer
1 month ago
Melbourne, Australia Logicalis Australia Full timeJoin us for an enriching journey with our client, a leading British-based confederation of independent NGOs, united in the mission to eradicate global poverty since 1995. We are offering a unique part-time, fixed-term opportunity for a Systems Engineer, working four days a week over six months, with the potential to extend your engagement to a full year....
