Skills/Experience:
- 8+ years in Application Security / Secure Code Review (hands-on).
- Demonstrated experience with manual code review across at least two of: Java/Kotlin, .NET/C#, JavaScript/TypeScript (Node/React), Python, Go.
- Strong knowledge of OWASP Top 10, OWASP ASVS, Threat Modeling, and secure design principles.
- Hands-on with SAST/DAST/SCA tools (e.g., SonarQube, Checkmarx, Fortify, Semgrep, Burp Suite, ZAP, Snyk, Dependency-Check, Trivy).
- Experience embedding security checks into CI/CD pipelines (Azure DevOps, GitHub Actions, GitLab CI, Jenkins).
- Ability to produce developer-ready remediation guidance & code snippets.
- Experience in cloud security (Azure/AWS): identity, secrets, storage, API security.
- Secure coding expertise (input validation, output encoding, authN/authZ, crypto, logging).
- Threat modeling & architectural review.
- Practical experience handling false positives and risk-based prioritization.
- Strong written communication: clear reports, diagrams, and remediation steps.
