THE TEAM

ASIC’s Cyber Security Group delivers a broad range of services across the organisation which include security architecture and design, incident response, and cyber assurance. We leverage advanced security technologies with a growing emphasis on automation and analytics to help ASIC become a best-in-class regulator for Australia’s financial markets.

ASIC’s Cyber Security Group is seeking a skilled Application Security Specialist to join their Application Security Engineering team to provide ongoing application security support and guidance across the organisation.

• Sydney, Melbourne and Brisbane locations
• 24 Month Fixed Term position
• Salary from $123,444 to $144,386 (depending on experience) + 15.4 % superannuation
• Applications will close at 11:59pm AEST, Friday 20 June 202

AT ASIC, YOU CAN BE THE CHANGE THAT ENSURES A FAIR, STRONG AND EFFICIENT FINANCIAL SYSTEM FOR THE BENEFIT OF ALL AUSTRALIANS. CONTRIBUTE TO DELIVERING ON ASIC’S PURPOSE, VISION, AND STRATEGIC PRIORITIES TO HELP MAINTAIN THE INTEGRITY OF THE FINANCIAL SYSTEM AND PROTECT CONSUMERS FROM HARM.

ASIC’s Cyber Security Group is seeking a skilled Application Security Specialist to join their Application Security Engineering team to provide ongoing application security support and guidance across the organisation.

• Sydney, Melbourne and Brisbane locations
• 24 Month Fixed Term position
• Salary from $123,444 to $144,386 (depending on experience) + 15.4 % superannuation
• Applications will close at 11:59pm AEST, Friday 20 June 2025

THE ROLE

As an Application Security Specialist, you will help lead the product security and application security initiatives ensuring that security is integrated into every aspect of the software development lifecycle and deployment processes. As part of the role, you will also support the cyber assurance function and the delivery of the Cyber Uplift Program of works.

More specifically, you will:

• Collaborate with development teams to design secure solutions and embed security throughout the software development lifecycle (SDLC).
• Provide timely guidance on securing applications, APIs, middleware and development pipelines.
• Define and guide secure architecture practices across code repositories and project activities.
• Support Shift-Left initiatives by integrating security early in the SDLC.
• Manage and coordinate penetration testing activities.
• Conduct application security testing, including penetration testing, vulnerability scanning and assessments.
• Collaborate with engineering teams to perform secure code reviews for applications and cloud infrastructure.
• Assist IT teams in analysing and remediating vulnerabilities, design flaws, and configuration weaknesses.
• Support the Cyber Assurance team in delivering application security assurance.