If you’re looking for a role where your security expertise genuinely makes a difference, this is it.
You’ll be joining a major technology-led organisation that’s trusted by millions of users every day. Your work will directly influence how secure design is built into modern cloud platforms, helping protect real people and businesses at scale.
What this role gives you
- Impact that matters. Your threat modelling and secure design work helps safeguard critical digital services used nationwide.
- Influence and ownership. Lead the uplift of application threat modelling and embed security-by-design across engineering and delivery teams.
- Room to experiment and grow. Apply frameworks such as OWASP, MITRE ATT&CK, and STRIDE while shaping how SSDLC and DevSecOps are practised in a complex environment.
- Collaboration at scale. Partner with product, platform and cloud engineers solving challenges across AWS and distributed systems.
- A mature, supportive culture. Work with peers who value pragmatic problem-solving, learning, and professional development.
What you’ll bring
- Proven experience in application or product security, ideally within cloud-native environments.
- Strength in threat modelling, secure design, and integrating security into agile and DevOps workflows.
- Solid understanding of AWS security, DevSecOps, and secure coding principles.
- Familiarity with frameworks like OWASP, MITRE ATT&CK, NIST, ISO 27001.
- Clear communication and collaboration skills to influence across technical and non-technical teams.
The details
- Hybrid work – Sydney, Melbourne or Brisbane (2–3 days onsite).
- Contract until mid-2026, with potential extension.
- Fully embedded within the organisation’s Security and Engineering teams, with full onboarding support.
Why join
Because this is your chance to shape security practices at scale, influence technical direction, and see tangible results from your expertise. You’ll be part of a high-trust environment that values autonomy, inclusion and continuous improvement.