Tech Manager - Application Security (Advice, Assurance & Consulting)

Surry Hills, Australia

Endeavour Group

View company page

Company Description

Let’s create a more sociable future together

At Endeavour, we’re totally into what we do. With a portfolio that includes Dan Murphy’s, BWS, ALH Hotels, Pinnacle Drinks and more, we love to bring people together. Together we share our passion for our products and industry; it’s what inspires us to dream big, and continue to create new experiences for our customers and teams across Australia. If you thrive on positive energy, we want to meet you!

Job Description

  • This is just the start, so dream big
  • Be part of a rare large scale transformation project
  • Work for industry leading companies

The Tech Manager - Application Security (Advice, Assurance & Consulting) is a member of the Cyber Security Leadership team, you will be a critical part of the Endeavour cybersecurity team and a key driver and contributor to the Cyber Security strategy via engagement with the IT transformation and underlying projects.

The ideal candidate must have strong working knowledge around Application Security, Risk and Assurance.  The complexity of the environment creates the opportunity for the successful candidate to establish a solid foundation for the organisation to traverse the required transformation over the coming years.

The candidate will work closely with stakeholders both in the business, projects and the Cyber Security team. They will have involvement with an assortment of projects that support the business.

Role split: approximately 70% hands-on technical work and 30% mentoring.

Here is a taster of what you can expect in this role

  • Manage the resource profile of AAC Squad for the organisation, including projects and BAU
  • Facilitate triage and assessment of discovered security issues, performing manual code reviews where required, and provide advice to the development teams
  • Provide mentorship and guidance to the AAC Squad on how to identify vulnerabilities, build patterns and interact with development teams
  • Ensure EGL’s SDLC integrates security into the design of software
  • Work closely with IT risk and security architecture, adding input to overall security strategy and culture
  • Own the relationship with the core brands and specialty brands to ensure that a suitable risk profile is maintained
  • Own the strategy and future state of AAC Squad; including
    • Application Security Strategy
    • Assurance Strategy
  • Directly advise business stakeholders to ensure security requirements are accounted for at design time.
  • Own the vulnerability detection and remediation strategy to identify and resolve security issues at every stage of the delivery process.
  • Understand the Business relationship with Cyber Security.
  • Perform hands-on reviews when required.

Qualifications

Now let’s talk about you

  • At least 5+ years of hands-on Application Security experience in Agile environments
  • Leadership experience with 3 - 5 direct reports in technical teams and stakeholder management
  • Be comfortable with providing advice to non-technical stakeholders
  • Strong knowledge of Stakeholder Management and Consulting best practices
  • Ability to guide development teams and external vendors towards the wider EGL Cyber Security strategy.
  • Ability to conduct a range of security assessments, including 
    • OWASP top 10
    • Code reviews
    • Threat Modelling
  • Solid experience in
    • .NET (C#), Javascript, and at least one scripting language (Python, Go, etc..)
    • DevSecOps and pipeline security
  • Container security, Kubernetes and security scanning tools (SCA, DAST, SAST, etc.)
  • Understanding of public cloud infrastructure (AWS, Azure, GCP)
  • Self-motivated and able to manage multiple priorities and tasks concurrently.

The benefits are good too! 

  • We offer flexible working in every sense
  • An exclusive discount card for BWS, Dan Murphy’s, Woolworths, BIG W and other Endeavour Group brands, including our ALH pubs
  • Monthly meeting-free days 
  • Your health and wellbeing is your most important asset, and as one of our valued team members, it’s our first priority. You will have a range of free services to help you live well and support your physical, mental and financial wellbeing
  • Endeavour Group is full of opportunities - use our dedicated learning and development options to grow an idea, yourself, and your career. This is just the start, so dream big.

At Endeavour, we value being a workplace where everyone’s welcome - if you meet a number of the requirements (and not all), we encourage you to apply.

Additional Information

We are together creators

With a portfolio that includes Dan Murphy’s, BWS, ALH Hotels, Pinnacle Drinks and more, Endeavour Group is big on sociability. Together we create the moments that bring millions of people together. And together we have more fun, create more opportunities, and score a lot more goals. We’re serious about creating a safe, inclusive and fun place to rock up to where equal opportunity is key, and flexibility is part of how we roll.  

We’re all about creating a more sociable future - for our customers and each other. If this job excites you - and you’re close-enough on the requirements, reach out, we’d love to hear from you.

You can learn more about working with us on LinkedIn or at endeavourgroupcareers.com.au.

Our Talent Team and Hiring Leaders kindly request no unsolicited resumes or approaches from Recruitment Agencies. Endeavour Group is not responsible for any fees related to unsolicited resumes.

#WeAreTogetherCreators #ComeAsYouAre #DreamBig #FeelTheEnergy #LeaveYourMark #EndeavourGroup

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Agile Application security AWS Azure C Cloud DAST DevSecOps GCP JavaScript Kubernetes OWASP Python SAST Scripting SDLC Security assessment Security strategy Strategy Vulnerabilities

Perks/benefits: Career development Equity Flex hours Health care Startup environment

Region: Asia/Pacific
Country: Australia
Job stats:  1  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.