Application Security Engineer - Perth, Australia - Michael Page

    Temporary
    Description

    About Our Client

    Headquartered in London, this multinational corporation operates worldwide, extracting and producing commodities like iron ore, aluminium, copper, diamonds, and coal. With a history dating back to 1873, it's a leader in the industry, known for its commitment to sustainability and innovation. While prioritising efficiency and productivity, it remains mindful of its impact on the environment and communities. Join this corporation in shaping the future of responsible mining.

    Job Description

    • Working within the Rio Tinto Cyber Security team, reporting to the Manager Cyber Security Technical Operations.
    • Working with Cyber Application Security, provide guidance and advice to teams as an SME for application security.
    • Working with a range of different development teams across the globe, in multiple time zones.
    • Conduct secure code reviews for various languages and frameworks (e.g. C#/Python).
    • Using tools such as Snyk to identify applications that may be of concern from a security perspective and work with the development teams to address these.
    • Track progress across all applications.
    • Work together in partnership with the business and with IT service owners to ensure security posture is consistently maintained and improved.
    • Vulnerabilities in systems and software are identified and remediated. Plans are established and tracked to finalisation.
    • Safety
    • Awareness, practice and commitment to safe working practices
    • Conduct hazard identification and safety interaction
    • Participate in Safety Audits
    • Report Incidents
    • Participate in incident investigations
    • Participate in safety meetings
    • Key objectives and key results expected from the contractor:
    • Assigned tasks completed on time and required quality
    • Vulnerabilities addressed and resolved
    • Work is delivered to cyber standards
    • Status of vulnerabilities is tracked and reported clearly
    • Collaboration within the cyber team
    • Strong ability to deliver and drive continuous improvement initiatives
    • A commitment to the safety of yourself and your team

    The Successful Applicant

    • 3-5 years of industry relevant experience
    • Experience with Application Security Testing tooling (e.g. Snyk)
    • Experience with common CI/CD platforms and building/modifying pipelines (e.g. GitHub Actions/Azure DevOps Pipelines)
    • Experience with securing common developer platforms (e.g. GitHub/Azure DevOps)
    • Experience with automating common application security tasks
    • Experience with training developers on application security guidelines and standards in line with industry best practices (e.g. OWASP/SLSA)
    • Excellent collaboration and influencing abilities regarding Cyber Security solutions.
    • Experience working in a global organization and large IT environments following ITIL processes, such as change control and incident management.
    • Experience working in cloud environments (AWS and Azure) and an understanding of how identity management and access controls work within these environments.
    • Strong Cyber operational process knowledge and/or experience (Patching, Cloud, Vulnerability Management etc).
    • Self-driven with strong organising and tracking skills