Specialist Application Security

We Are Woolworths Group
We are Woolworths Group. 200,000+ bright minds, passionate hearts and unique perspectives connected by a shared Purpose - 'to create better experiences together for a better tomorrow.' It's that Purpose that fuels our ambition to explore new ideas, make brave commitments and innovate better ways to meet the food and everyday needs of more than 24 million customers every week.
If you're excited to turn today's blue sky thinking into a better tomorrow for future generations, you'll find yourself supported and enriched in an dynamic, inclusive and empowering workplace that reflects the diverse communities we serve. With a culture of genuine care, a flexible approach to work and opportunities across the group to grow your career and make a meaningful impact, the possibilities for what we can achieve together are endless.
Welcome to Group Enablement
Our Group Enablement Teams are the Technology, Business Enablement, Value Chain and Replenishment experts developing new capabilities and platforms for a better retail future. We're the crucial link between our stores and the stock they need, the IT engine moving our business forward, the strategic connectors streamlining the way we work, and the forward thinkers using tech to transform the retail experience. Uniting cutting edge technology, data and retail smarts, you'll work behind the scenes, in the margins and across every corner of the business - to uplift our capability, amplify our collective impacts and revolutionise the customer experience.
What you'll do
The digital teams within Woolworths are transforming themselves into a true engineering organisation where we put customer experience first and create highly leveraged (and loved) platforms with a heavy emphasis on operational excellence such as ensuring our platforms and services are robust. As a result, our focus on cybersecurity is higher than ever. The Application Security Specialist will focus on building a Secure Development Lifecycle (SDLC) and embedding great security development culture into our development teams. This will include creating a culture of security awareness within the broader Digital team, creating and maintaining the necessary cybersecurity standards end to end - from CI/CD tools through to pen testing and post-incident remediation.

• Work closely with the digital teams to oversee Application Security awareness programs and educational efforts, particularly around developer training using Secure Code Warrior
• Work with the Woolworths digital teams to identify, select and implement technical security controls
• Design, create, embed and own cybersecurity best practice processes into the SDLC of all Digital development teams
• Plan, research and design robust Application Security tools and practices for all digital projects
• Work closely with the Group Cyber Security and digital teams to implement and maintain corporate security policies, standards and procedures from an applications perspective
• Work closely with the Group Cyber Security and digital teams to ensure digital cyber risks are to be recorded to the Enterprise Cyber Security Risk register

What you'll bring
To be successful in this role, you have proven experience in a similar position where you have performed security code reviews manually and with code scanning tools like Snyk Code/SCA and you have exposure to multiple security domains. This is a great role for a developer with a strong foundation in secure development practices that wants to take the next leap in their career.

• SAST/DAST application vulnerability scanning tools into DevOps CI/CD pipelines
• Interpreting code vulnerability assessments with tools like Snyk Code/SCA and classifying vulnerabilities with CVSS
• Security related to cloud-based technologies, especially MS Azure, Google, and Amazon AWS
• Broad knowledge, confidence, and experience in iterative project delivery and cybersecurity
• Solid understanding of core cyber security principles associated with all levels of the OSI stack, including OS, DB, Hypervisor, Application, Cloud, Web Application, and e-commerce architectures.
• Confidence and experience investigating code-level vulnerabilities in programming languages including Java, C#, Javascript, Python, Swift, and Objective-C.

What you'll experience
Our Team Members are at the heart of everything we do and we're always looking for ways to support your career journey and reward great work:

• Team discounts across our range of Woolworths Group brands you know and love and a robust rewards program that celebrates and incentivises purpose-driven work.
• A global business with endless career possibilities around every corner and across every discipline - with valuable exposure to a vast and exciting business network.
• A range of programs to help you prioritise and manage your wellbeing, including 24/7 access to the Sonder app.
• A progressive and competitive leave policy that gives you more space for what matters to you.

Everyone belongs at Woolworths Group
Diversity, equity, inclusion, and belonging are key to realising our purpose of better together for a better tomorrow. We recognise the value our team's diversity brings to our business, customers, and communities and that teams with diverse experiences and backgrounds enrich our group and are better able to innovate and solve problems. As one of the largest employers in Australia and New Zealand, we aim to create a truly inclusive workplace where everyone feels that they belong, can be their best selves, and reach their full potential.
We encourage all candidates to apply; please let us know in your application if we can support you with any adjustments in the hiring process.
Platinum Tier Employer - Australian Workplace Equality Index for LGBTQ+ inclusion
Employer of Choice for Gender Equality - Workplace Gender Equality Agency.