Contract

New South Wales, Sydney

IT

Infrastructure and Cloud

AU$100 - AU$137.5 per hour

Martin Pearson

martin.pearson@talenza.com.au

26-06-2026

BBBH21405

Senior Application Security Engineer

6-Month Contract | Competitive Day Rate | Sydney CBD + Hybrid

I'm working with a well-known Australian technology business that's continuing to invest heavily in its engineering and platform capabilities. With a large cloud-native environment and a strong engineering culture, they're looking to bring in a Senior Application Security Engineer to help uplift their Application Security capability and embed security into the software development lifecycle.

The Opportunity

This is a hands-on contract where you'll lead the delivery of several key Application Security initiatives across the engineering function. You'll work closely with Platform, DevOps and Software Engineering teams to implement security controls that are practical, scalable and developer-friendly.

Some of the key pieces of work include:

• Rolling out and optimising modern Application Security tooling across engineering teams.
• Integrating SAST, DAST and SCA tooling into CI/CD pipelines.
• Building secure-by-default CI/CD patterns.
• Standing up and hardening a private package registry.
• Implementing gated deployment processes and security controls.
• Improving software supply chain security.
• Container image scanning and vulnerability management.
• Partnering with engineering teams to improve secure coding practices and developer experience.
• Producing documentation and handing capability over to internal Platform teams.

What You'll Bring

We're keen to speak with people who have experience across:

• Application Security, Product Security or DevSecOps.
• One or more leading SAST, DAST or Software Composition Analysis (SCA) platforms such as Checkmarx, Veracode, Fortify, SonarQube, Snyk, Mend (WhiteSource), Black Duck, GitHub Advanced Security, Semgrep, Contrast Security, Prisma Cloud, Aqua Security or similar.
• CI/CD security and secure software delivery.
• Software supply chain security and package management.
• Private package registries such as Artifactory, JFrog, Nexus or GitHub Packages.
• Container security and image scanning tools.
• AWS or other cloud-native environments.
• Scripting and automation using Python, Bash, Go or similar.
• Working closely with engineering teams to embed security into development workflows.
• Experience building or uplifting an Application Security capability from the ground up would be highly regarded.

What's In It For You?

• Initial 6-month contract.
• Competitive day rate.
• Hybrid working with offices in Sydney CBD.
• Greenfield Application Security uplift project.
• Modern cloud-native engineering environment.
• High-performing Platform and Engineering teams.
• Immediate start available.

If you're an experienced Application Security Engineer, Product Security Engineer or DevSecOps Engineer looking for your next contract, I'd love to have a confidential chat.