Application Security Consultant

Details of the offer

Your new team: The Application Security team, a part of the wider Cyber Security team, partners with our engineering teams to enable DevSecOps by integrating security into the software development lifecycle through the following services:
Tooling and Automation: Embedding security tools and automation into the SDLC (such as Snyk and GitHub Advanced Security) to allow developers to self-identify security issues early in the development cycle.Training: Delivering training on secure development practices to engineering teams via our e-learning platform, AppSec Champions academy, brown-bag sessions, and tailored in-person workshops.Consulting and Code Review: Providing specialist code review and practical security advice to development teams, with a focus on ensuring that secure development practices are in place from day one, developing patterns and practices, and helping solve development-time security challenges.Your impact and contribution: As the Application Security Consultant, you will work across development and automation, while supporting the wider Cyber Attack teams. You will deliver Application Security services including training developers, supporting our AppSec Champions program, and developing and governing application security tooling.
Provide advice on code security in the software development lifecycle.Develop and/or conduct training and support guides on best practice secure coding for application development.Support static, dynamic, and other security analysis tools, and help to identify and triage findings from these tools.Perform manual code review where required.Experiment with, develop, maintain, and/or operate tools for application security automation such as fuzzers, code scanners or other tools with a focus on AI.We are interested in people who: This role is for someone with a background in software development with a strong understanding of cyber security (or vice-versa).
Development experience working across one of either Java, Python, or C# - essential.Experience across CI/CD/DevSecOps - essential.Offer expert knowledge across best practice software security including OWASP Top 10 or ASVS frameworks - highly regarded.Understanding or experience in AI/LLM development - highly regarded.Experience in using or operating application security tools such as Snyk, CodeQL and Burp Suite - highly regarded.Support reporting and governance activities, including delivery of metrics, development of standards and procedures, and liaise with risk management colleagues.
#J-18808-Ljbffr


Nominal Salary: To be agreed

Source: Jobleads

Requirements

Tiktok | Senior Security Engineer - Application / Product Security | Sydney (Haymarket)

Senior Security Engineer - Application / Product Security About the Company TikTok is the leading destination for short-form mobile video. At TikTok, our mis...


Tideri Jobbörse - New South Wales

Published 14 days ago

Senior Software Engineer

Sydney is preferred, but all Aussie applicants are welcome! Opportunities to advance your career as the company grows. Impactful and rewarding role helping ...


Mosh - New South Wales

Published 14 days ago

Ernst & Young Advisory Services Sdn Bhd | Smsf Senior Consultant | Sydney (Haymarket)

What is the impact of your work could have impact beyond your workplace? At EY we believe that whoever you are, your uniqueness helps us stand apart. We brin...


EY - New South Wales

Published 14 days ago

Software Architect

Work with cutting edge technology, making the world a safer and more secure place. Our Client offers an opportunity to solve some of world's most challenging...


Sonitec - New South Wales

Published 14 days ago

Built at: 2024-12-23T10:32:24.018Z