Senior Application Security Engineer (AU)DroneShield is a global provider of counterdrone defense solutions, specializing in C-UxS AI, RF sensing, AI/ML, Sensor Fusion, Rapid Prototyping & MIL-SPEC manufacturing.
Work with cutting-edge technology, making the world a safer and more secure place.
DroneShield (ASX:DRO) offers an opportunity to solve some of the world's most challenging technical problems in Electronic Warfare, Artificial Intelligence, Machine Learning, RF sensing, Sensor Fusion, and distributed systems.
You will work with high-profile customers across militaries, government agencies, airports, critical infrastructure, law enforcement, and many others.
This role is based in the DroneShield Sydney headquarters in Pyrmont, Sydney.
There are approximately 200 staff in the 4,000sqm facility today, scheduled to grow to approximately 300 staff by the end of 2026.
Overseas presence includes Virginia (USA), Denmark, Germany, and Dubai, as well as distributors in over 70 countries globally.
About the roleDroneShield is seeking a Senior Application Security Engineer and Pentester with relevant experience to join the team in Sydney, NSW.
The ideal candidate will be responsible for enhancing a secure SDLC framework and application defenses, additionally conducting sophisticated security assessments.
Key responsibilities include: Assuring the security of Production Applications and PlatformsUsing your initiative to enhance our secure SDLC, CICD platform, and reduce Toil for EngineersManaging multiple concurrent projectsThe successful candidate should have a strong background in computer science or relevant certifications, demonstrated experience in application security in high-stakes environments, and deep technical expertise in modern app security and application architectures.
They should also possess effective communication skills.
This position offers the opportunity to contribute to the security of a platform with complex threat models.
There will also be opportunities for Red Teaming and exposure to Hardware and Embedded security.
Responsibilities, Duties and Expectations: Develop an advanced secure SDLC framework, incorporating automation, machine learning, and contextual threat analysisEnsure software meets high security, privacy, and compliance standardsEnhance web application and API defenses using the latest techniquesConduct sophisticated security assessments and penetration testingSupport developer productivity by prioritizing developer tooling that reduces Toil and improves User ExperienceOwn key metrics around product security incidents and risk trendsPromote continuous learning and improvement within the teamManage multiple concurrent projects and solve cross-product problemsEstablish partnerships and champion quality throughout the organizationQualifications, Experience, and Skills: BS degree in Computer Science, Information Technology, or similar technical field of study or equivalent practical experience.Demonstrated experience working in application security in high-stakes environmentsMinimum 5 years' experience in related roles, which could include:Security EngineerApplication Security EngineerReverse EngineerSoftware EngineerPenetration TesterEssential knowledge includes:Comfortable on the command line in a Linux-first environmentPenetration TestingApplication Security Reviews and Threat ModellingAbility to write software (Python, Go, etc.)
and peer review code/implementation/automation scriptsFamiliarity with RESTful, RPC APIsModern app security and application architecturesStrong expertise in software engineering best practicesExperience working within production environments and understanding security risks in Continuous Integration/DeliverySAST, DAST, SCADesirable knowledge includes:Red Teaming, reverse engineering, security researchCloud Security (Azure/AWS)Developing and implementing automated security testing toolsHardware and Embedded Security Note for recruitment agencies: we do not accept floated candidates from external recruiters unless they were instructed to do so. #J-18808-Ljbffr