About Us

We're known for being the country's most popular rewards program, helping Australians get more of what they value beyond the checkout. And through our extended network of partnerships with other nationally recognised brands, we make every day simpler, easier and more rewarding for our members. Plus, we're also the winner of Canstar Blue's 2023 and 2024 Most Satisfied Customer award for Rewards Programs.

But, we're more than the card you carry around in your wallet or the app on your phone! Our diverse team is located all over Australia, and our incredible office is located right in the heart of Melbourne CBD. Staying true to our flexible working policy and people-centric culture, we ensure all our team members are set up to work remotely across Australia. We are outcomes-focused, and everything we do is aligned with our core principles - Own, Act and Inspire.

Your Team

We've already built a pretty amazing team, but we're not looking for more of the same. Our day-to-day is made stronger when we surround ourselves with people who are different, like you.

Your Role

There is no typical working week at Flybuys. But here are some of the things you will be working on, day-to-day:

- Develop and lead the application security strategy to embed security into software development practices across the organisation.
- Establish and drive the adoption of application security testing frameworks, capabilities, and tooling.
- Scale application security through automation, ensuring security testing is integrated into development pipelines.
- Provide guidance on secure application design, threat modeling, and risk mitigation for technology stakeholders.
- Maintain and enhance secure software development guidelines, policies, and best practices.
- Oversee and support developers in understanding and remediating security vulnerabilities.
- Lead secure coding training initiatives, ensuring development teams are equipped with the latest security knowledge.
- Champion security awareness programs and advocate for secure development practices company-wide.
- Evaluate and introduce innovative security techniques, processes, and vendor products to enhance application security.
- Define and own penetration testing strategy, including selecting tools and managing third-party security engagements.
- Conduct risk assessments and penetration testing on key applications.
- Oversee third-party penetration testing engagements, ensuring quality outcomes and actionable insights.
- Track and report application security metrics, providing visibility into risks, remediation efforts, and overall security posture.
- Develop and execute a comprehensive vulnerability management program that proactively identifies, assesses, and remediates security flaws.
- Design and enforce robust IAM policies and controls that govern user authentication and authorisation, ensuring access is granted based on the principle of least privilege while aligning with Flybuys security standards.
- Operationalize regular Privileged Access Reviews (PAR) and User Access Reviews (UAR) by establishing structured review cycles, timely validation of access permissions, and corrective measures to mitigate risks and maintain compliance.
- Strong leadership and stakeholder engagement skills, with the ability to influence technical and non-technical teams.
- Lead and mentor a high-performing application security team, fostering collaboration and professional development while driving alignment with organisational objectives.
- Define clear goals and delegate responsibilities, ensuring efficient execution of security initiatives while balancing individual growth and team capacity.
- Establish performance and capability benchmarks, continuously assessing and improving security practices to align with business objectives.

Your Experience

- Expertise in SAST, DAST, dependency scanning, and common application security tools.
- Deep understanding of security controls, security libraries, and common application security flaws.
- Strong knowledge of CI/CD pipeline security integration and automated security testing approaches.
- Solid experience with secure software development lifecycle (SDLC) best practices.
- Demonstrated ability to identify and address security issues through secure code review.
- Hands-on experience with penetration testing methodologies and tools.
- Bachelor's Degree in Computer Science, Cybersecurity, or related field.
- Relevant Application Security Certifications.
- Strong network security and web protocol knowledge.

Your Benefits!

We offer our valued team members a stack of exclusive benefits! To name a few...

- Flybuysflex | work from anywhere, measured on outcomes
- Two well-being days per year!
- Volunteer leave
- Ongoing learning & development programs and opportunities
- My Coles and Wesfarmers team member discount card
- Be Well Programs Mind/Body/Soul
- Quarterly All Team events
- Hybrid social events
- New starter kit merchandise

Be You, With Us.

Apply today!

We value ways of working that work for everyone and use our different strengths to make us stronger. We work hard to make sure everyone's voice is heard and respected equally, regardless of identity, background, position, ability or lifestyle.

It is a condition of employment that successful applicants undergo a National Police Check prior to commencing.

Job Title
Application Security Manager
Hybrid