We are on the lookout for an experienced Senior Application Security Engineer to join a Product Security team in Sydney, NSW. In this role, you’ll shape the security landscape of cutting-edge products, including hardware, firmware, web apps, cloud solutions, and AI-driven platforms.

As part of a focused, agile team, you’ll drive impactful initiatives that scale the security efforts - eliminating entire bug classes, automating controls, and embedding security into every stage of development. This is more than a traditional AppSec role - it’s an opportunity to work across complex systems, contribute to Red Teaming, and gain exposure to hardware and embedded security.

Key Responsibilities
•Secure SDLC Leadership: Design and implement an advanced secure software development lifecycle, incorporating automation, machine learning, and contextual threat analysis.
•Application & Platform Security: Ensure web applications, APIs, and platforms meet the highest security, privacy, and compliance standards.
•Security Assessments: Conduct sophisticated security reviews, threat modeling, and vulnerability assessments.
•Developer Enablement: Boost developer productivity by enhancing security tooling and streamlining workflows.
•Project & Risk Management: Own key metrics around product security incidents and risk trends while managing multiple projects.
•Cross-Functional Collaboration: Partner with engineering, product, and leadership teams to champion security best practices across the organization.

Qualifications & Experience
•Education: Bachelor’s degree in Computer Science, Information Technology, or a related technical field (or equivalent experience).
•Experience: Minimum 5 years in application security, software engineering, or related roles.
• Core Skills:
•Hands-on engineering expertise in Linux environments.
•Proficiency in Python, Go, or similar programming languages.
•Experience with RESTful APIs, modern application architectures, and best practices.
•In-depth understanding of SAST, DAST, and SCA tools.
•Proven ability to identify and remediate vulnerabilities across web, mobile, and cloud platforms.
•Knowledge of CI/CD pipelines and security risks within production environments.

Desirable Skills (Bonus Points!)
•Red Teaming: Experience with penetration testing, reverse engineering, or security research.
•Cloud Security: Familiarity with AWS or Azure environments.
•Automation: Developing and deploying automated security testing tools.
•Hardware & Embedded Security: Exposure to securing embedded systems and IoT devices.

Ready to shape the future of product security? Apply now and become a key player in securing cutting-edge technology! Or you can email me at [email protected]