Key skills
AWSAzureCloudCyber SecurityJavaPythonAgileLeadershipStakeholder ManagementRisk ManagementCommunication
About this role
Role Overview
- Ensure respective policy, standards, processes and controls meet regulator and compliance expectations
- Support meeting departmental budgets
- Ensure controls and timely completion of findings and treatment plans
- Ensure and drive security outcomes relating to software development and devops practices
- Ensure and optimize dynamic application security testing tools and API security solutions
- Ensure tools are configured correctly and operating efficiently to provide maximum protection
- Utilize a variety of testing methodologies and tools to uncover potential threats and risks while eliminating the false positives
- Enhance and update application dynamic testing methodologies, processes and standards documentation
- Document and evangelize secure API design patterns
- Build and promote code libraries for API security
- Automate continuous security testing of APIs
- Consult with development teams to educate and improve awareness of secure standards and practices
- Support and champion the development of secure and reusable code across development teams to eliminate gaps identified in dynamic and API security testing
- Develop or use tooling to identify security vulnerabilities within our web application footprint
- Produce clear and accurate reporting for stakeholders
- Work with Cyber Engineering & Platforms teams to expand coverage and integrate dynamic and API security testing
- Work with Detection & Response and other Cyber Security teams to ensure critical exposures are mitigated in a timely manner
- Extend support on remediation of dynamic application testing and API vulnerabilities discovered through scanning and security testing
- Help manage the organization's vulnerability intake and remediation process
- Support incident response efforts as required
- Stay abreast of current and emerging technologies, threats and vulnerabilities, and best practice protection methods
- Research and analyze application behaviors to improve security and stability
- Contribute to the evolution of the organization's application security functions and services
- Other activities as required by management
Requirements
- 3 years of experience working in a Application Security, consulting or related role
- Delivery / execution of API security and dynamic security testing across NAB
- Implement security controls across API Gateways
- Stakeholder management
- Risk management and compliance
- Experience in securing APIs and Dynamic/Runtime security scanning
- DevOps operating model and technologies
- Development skills
- Vulnerability management
- Working experience in Cloud technologies – AWS and/or Azure
- Hands on with coding: Scripting using Java/Python
- Excellent verbal and written communication skills
- Experience with security tools in SAST (static code testing), SCA (software composition analysis), CSS (container security), DAST (dynamic security testing)
- Tertiary qualified with a Degree in Information Technology or related.
- Having a industry leading cyber security certifications will be a plus
Tech Stack
- AWS
- Azure
- Cloud
- Cyber Security
- Java
- Python
Benefits
- Generous compensation and benefit package
- Attractive salary
- 20-day paid annual leave and 7-day paid sick leave
- 13th month salary and Annual Performance Bonus
- Premium healthcare for yourself and family members
- Monthly allowance for team activities
- Premium welcome kit and occasional gifts of appreciation
- Extra benefits on your work anniversary
- Large scale products with modern technologies in banking domain
- Clear roadmap for career advancement in both technical and leadership pathways
- Access to digital learning platform such as Udemy
- Consistent and high-quality leadership training through the Distinctive Leadership program (DLP)
- Specialist capabilities and accreditations in key skill areas such as Cloud Engineering, Digital, Data, Security and SREs (Site reliability engineers)
- Sponsored English course with native teachers
- Opportunity for training in Australia
- Hybrid working model and excellent work-life balance
- State-of-the-art & modern Agile office
- Food and beverages in the office pantry
- Employee Assistance Program to improve your physical and mental health
- Annual team activities and company events
- A solid and talented team behind you – great people who love what they do