Nov 23, 2021

Application Security Engineer

  • Bendigo and Adelaide Bank
  • Adelaide,Bendigo,Brisbane,Ipswich,Melbourne,Perth,Sydney,All Locations,Remote

Job Description

  • Join one of Australia's biggest banks - A top 100 ASX listed Company
  • Work from any of our corporate locations or work from home
  • Permanent role + benefits (more info on our website)

About us 

With more than 160 years of history, we are proud of our position in the community with more satisfied customers than any other Australian bank.  Every day, we work hard to bring our company purpose to life, feeding into the success of our customers and communities and not off it. 

We're more than just a bank with banking products. We change the lives of customers and communities. Commercial actions with heart!

Our time is now. We are challenging the status quo and we're excited about our future!

About the team

Information Security within the Bank uses a business-driven risk-based approach. The Information Security Design, Testing and Assurance Service Team enables and supports business objectives by helping to implement and test controls designed to protect the bank.

About the role

You will be responsible for setting up the right tools, processes, training and consulting to allow the Bank to ensure our product lines are secure before being released into production. You will provide effective information security testing services for the Bank and provide support to the Information Security Practice by driving the operation and continuous improvement of the Static Application Security Testing (SAST) services.

The core activities include:

  • To work closely with development teams to develop and deliver the SAST services roadmap.
  • Assist in development of automated security testing (primarily via GitLab and JFrog Xray) to validate that secure coding best practices are being used
  • Support and consult with product and development teams in the area of application security
  • Assist in creation and deliver of secure code awareness training via Secure Code Warrior
  • Assist development squads in the triage, and false positive management of SAST/SCA tooling

About you

You will be experienced in the use of Static and Dynamic Analysis testing tools and be able to identify security issues through code review.  You will have experience with design, development and implementation of management frameworks, standards, processes and procedures.  And have relevant experience with security products and concepts.

To be successful in this role you will have:

  • Demonstrated knowledge security testing concepts and testing of security and technology related controls.
  • Knowledge of OWASP TOP 10 and CWE Top 25 and how to mitigate them and can explain how to resolve the issues to developers.
  • Familiar with Static and Dynamic Analysis tools and the implementation within CICD build pipelines.
  • Familiar with container technologies (Docker/Kubernetes) and use of cloud services
  • Practical understanding of security related technology, trends and threats.  And knowledge of information security industry standards, regulations and compliance requirements relevant to financial institutions.

Why us?

There's so much more to a career with Bendigo and Adelaide Bank than just banking. 

Get real benefits, work life balance and flexibility. You bring your brilliant mind and we’ll help you take your learning to the next level with on the job training and external development opportunities - we want you to shine. After all, YOU are the difference that makes us the better big bank.

At Bendigo and Adelaide Bank we believe a diverse workforce supported by an inclusive culture is central to our success and we actively encourage applications from those who bring diversity of thought to our business. We support candidate requests for adjustment to accommodate an illness, injury or disability to equitably participate in the selection process.

We take Information Security seriously read more here:

It is a condition of employment with the Bank that you are fully vaccinated against COVID-19, unless you have a medical contraindication or acute illness which prevents you from receiving the vaccine and you provide satisfactory evidence of this to the Bank.

Be quick to apply as applications will be reviewed as they are submitted, and the advert my close before the listed closing date.