Software Security Lead

Job Title: Software Security Lead
Contract Type: Permanent
Location: Brisbane
Reference: 1040732
Job Published: November 09, 2020 14:31

Job Description

Troocoo are partnered with an exceptional group of people in their search for a Software Security Lead. You will be responsible for increasing the security posture of their application development teams, contributing to the secure development lifecycle and tooling, as well as providing the first source of advice and guidance in relation to policy, procedures and processes. We have a range of internal and external applications, many exposing APIs and some with static web application front ends.

Key Responsibilities:
  • Ensure delivery teams can deliver secure software by following a set of core principles and processes
  • Set guidance for the secure development life cycle, including assisting teams with appropriate changes to documents and with aspects such as engineering, testing and documentation
  • Establish a model for teams to monitor and understand their own security threats
  • Provide core security scanning tooling in concert with our Enablement team as part of our CI/CD infrastructure, such that teams can get immediate feedback for breaches of security guidelines
  • Assist in justifying internal control framework against raised risks, including use of automated and modern control mechanisms
  • Draft responses to questions on security approach for customers, both internal and external
  • Liaise with external security testers to determine appropriate scope for tests given internal scanning
  • Involvement in agile discovery phase for delivery initiatives to help squads understand security impacts
  • Assist with reporting of progress and value delivered in relation to internal security initiatives.
About you:
  • Strong experience helping teams to deliver secure software into an AWS environment is essential
  • Demonstrated experience in creating and maintaining core security tooling to support static and dynamic scanning of software prior to deployment is essential
  • Demonstrated experience in parsing and responding to security threats picked up by automated tooling
  • Demonstrated experience testing web applications for common threats
  • AWS certifications are desirable, especially “AWS Certified Security – Specialty”
  • Understanding of ISO27001 security framework
  • Must have strong communication and stakeholder engagement skills
  • Demonstrated experience managing security for workloads across a range of operating systems and technologies

If you're looking for a true career move in a genuinely progressive organisation, then we look forward to receiving your application. Please call Alex on 0432 562 082 or email for further information.

Please note all applicants must have the right to work in Australia.
