Senior Application Security Engineer - Australian Financial Complaints Authority

Key Responsibilities

• Design, implement, and maintain application security controls across the software development lifecycle.
• Lead penetration testing engagements, identify vulnerabilities, and collaborate with engineering teams to remediate findings.
• Develop and enforce secure coding standards, conduct code reviews, and provide actionable feedback to developers.
• Perform threat modeling and risk assessments for new and existing applications.
• Stay current with emerging security threats, tools, and industry best practices, and disseminate knowledge across the organization.

Requirements

• 5+ years of experience in application security, including hands‑on penetration testing and secure coding.
• Deep knowledge of OWASP Top 10, secure design principles, and common web vulnerabilities.
• Proficiency with security testing tools such as Burp Suite, OWASP ZAP, and static analysis scanners.
• Strong communication skills to translate technical findings into business‑friendly recommendations.
• Experience in a regulated financial services environment is a plus.