Job Description
Senior Security Engineer • Chandler Macleod • Melbourne, VIC, AU
An exciting opportunity exists for a Senior Security Engineer to join a high-performing Cyber Business Enablement team within a complex, enterprise-scale technology environment. This role plays a critical part in strengthening the organisation’s security posture by embedding security-by-design principles across software delivery and operational processes. This is a contract role based in Melbourne CBD in a hybrid working environment.
Partnering closely with technology leaders, developers, and delivery teams, you will lead the implementation of secure software development lifecycle (SDLC) practices, CI/CD security guardrails, and DevSecOps capabilities to ensure applications and platforms are resilient, compliant, and secure by default.
This is a hands‑on, delivery‑facing role requiring strong technical expertise, consulting capability, and the ability to influence at scale.
Key Responsibilities
Collaborate with internal stakeholders and delivery partners to secure development pipelines and embed security engineering practices aligned to cybersecurity strategy, policies, standards, and compliance requirements.
Design, implement, and maintain security controls across the end‑to‑end software development lifecycle.
Establish and enforce CI/CD security guardrails to identify and mitigate vulnerabilities early in the development process.
Participate in and facilitate threat modelling activities for new initiatives and critical systems.
Apply recognised frameworks and methodologies such as AESCSF, MITRE ATT&CK, D3FEND, NIST, and OWASP to enhance detection and defensive capabilities.
Integrate, operate, and optimise application security tooling including SAST, DAST, and SCA.
Provide security consulting and guidance to cross‑functional teams, vendors, and delivery squads on secure coding, architecture, and risk mitigation.
Ensure standardised delivery of security assessments and penetration testing across technology initiatives.
Drive continuous improvement of security processes in line with evolving regulatory and industry standards.
Contribute to security awareness, knowledge‑sharing, and uplift of engineering capability across development and operations teams.
Skills & Experience Required
Proven experience conducting penetration testing across web applications, mobile platforms, APIs, and infrastructure, including complex vulnerability discovery and real‑world attack simulation.
Strong background in security engineering within medium to large, complex organisations (5+ years).
Experience working in regulated environments; government or public sector exposure is highly regarded.
Deep knowledge of secure software development practices and frameworks such as OWASP SAMM, CWE, MITRE ATT&CK, and NIST.
Extensive hands‑on experience with CI/CD pipelines and embedding security controls within DevSecOps models.
Demonstrated capability integrating and managing application security tools (SAST, DAST, SCA).
Strong experience in vulnerability management, remediation prioritisation, and executive‑level reporting.
Hands‑on automation and scripting experience for security tasks.
Solid exposure to production deployments, post‑incident reviews (PIRs), and operational risk management.
Excellent communication skills, with the ability to translate complex technical risks into clear, concise business language.
Strong analytical mindset with a practical, outcome‑focused approach to problem solving.
Extensive experience working with Microsoft Azure and cloud‑native technologies.
Program or project delivery experience within enterprise technology environments.
Qualifications (Highly Desirable)
Degree in Computer Science, Engineering, or a related discipline.
Industry certifications such as:
OSCP / OSWE
CISSP
GICSP
Or equivalent professional experience and continuous development.
If you are a senior‑level security engineer passionate about secure software delivery, DevSecOps, and driving meaningful security outcomes, this contract opportunity offers both challenge and influence.
At Chandler Macleod, we are committed to fostering a diverse workforce where everyone is welcome. We encourage applications from Aboriginal and Torres Strait Islander peoples, women, neurodiverse people, people living with a disability, and the LGBTIQA+ community.
You can read more about our commitment to diversity and inclusion at https://www.chandlermacleod.com/diversity-and-inclusion.