Application Security Engineer

We're MYOB MYOB is the #originalstartup. Our roots are in finance and accounting software, but today we’re so much more! We’re building a business management platform to help more businesses in Australia & New Zealand Start, Survive & Succeed. Our team is continually transforming, inventing and disrupting conventions. We don’t want you to simply ‘fit’ into our already established culture, we want you to add to it, and make it even better! This is MYOB. 
Our Technology Team is continually shipping high value outcomes for our customers and organisation.  Our tech performance and our Engineering practices are consistent, strong, and secure and you can do all of this in an environment which allows people to grow. 
What we’re doing is a real tech transformation; we’re taking a legacy success and transforming it into a SaaS platform to support SME and Enterprise businesses in ways they never knew they needed.  Join us and help build the business management platform that will disrupt the market.
What's the job?As an Application Security Engineer, you will be technically responsible for securing our products, remaining hands-on by being close to the tools. In this role you will collaborate with everyone from engineers, product managers, and members of multi-functional teams to drive the implementation of innovative security in line with industry standards.
You’ll find ways of identifying and preventing security vulnerabilities, build tools, and mentor developers to help deliver products securely into the market, as well as highlight risks and defects that may cause a threat to our products overall.
Bring your passion for security concepts, software development, and automation. Iteration is fundamental, where you are adept at adapting to change and innovation quickly. You'll be constantly be thinking about our customers and users, have the ability to shape and build our culture by bringing security to the forefront of our development and operational processes.
What our day-to-day looks likeEvery day is different in our AppSec team! One day you might help build and develop one of our tools or platforms, the next you might be educating our developers in secure coding practices.
There will be times when you influence a product team to change behaviour. Recently we have implemented a breaking build regime with our SAST tool - this required both technical skills and softer human skills. We leaned on strong communications (both written and verbal) and had heaps of empathy with our audience. We are not a blocker security team, so we rely heavily on our ability to influence and empathise.
Other days you may complete an architecture review, you may facilitate and guide a threat model, perform a small penetration test, or provide security advice to product teams.We work with AWS, Github and Buildkite. We always question why, and are not afraid to experiment with ideas. We do build our own tooling, so the successful person will need to have a solid understanding of at least one language and known programming principles/patterns. At MYOB, we have a diverse language stack ranging from .NET to Golang.
We strive to deliver results for our key objectives in an agile way of working, and we rely on each other and collaborate every single day to get the job done. We are always learning and growing so coming in with a growth mindset will be key to being successful with us.
On Friday, we have an optional 20% day - where you can work on or learn about whatever you like. Using 20% day, our team have built products and services that are now widely used across MYOB. The freedom to experiment and innovate drives the way we tackle problems and is the central theme to everything we do.
Some things our team is looking forward to working on in the next couple of months that you may be part of; Implementing a DAST solution for MYOB, finding an innovative way to report on security posture, redesigning our secure coding education programme, and working with teams to get them best using our SCA tool. Our Culture & Benefits Our values have stood the test of time. If you want to work and collaborate where opinions are valued, and your ideas can make a difference, come to a place where Your Work Matters.  - Do your best work in a flexible work environment, right down to financial assistance to set up your home office…it’s called Flexperience, and it’s designed by you and your team! - Our partnership with Smiling Mind helps support the wellbeing of our team members and customers - Drive your own learning via conferences, in-house training, LinkedIn Learning, study assistance and a strong focus on leaders creating a learning environment - A multitude of leave options including up to an additional four weeks of purchased leave, generous parental leave, domestic violence leave, transgender leave, volunteer leave, study leave, plus more! - Communities built around ‘Wellness’, ‘Belonging’ and the ‘Planet’ where you can make a meaningful contribution - Access to best-in-class discounts and vouchers from leading retailers, and a lot more. 
We are proud to be a Circle Back Initiative Employer and we commit to responding to every applicant.  
MYOB are an equal opportunity employer and we champion diversity. Don’t meet every single requirement of this role? Still apply!  Research tells us that that women and underrepresented groups are less likely to apply unless they meet every single requirement.  At MYOB we believe that the right hire is someone who makes an addition to our culture, rather than someone who fits in and conforms to our status quo. Moving to ‘Culture Add’ means adding team members who not only value MYOBs standards and workplace culture, but also bring an aspect of diversity that positively contributes to MYOB.  So, if you’re excited about this role, or about MYOB, we’d still love to hear from you!
#LI-Hybrid