Job Title: Application Developer
Contract Type: 6 Month Contract + 12 Month Extension
Clearance Level: NV1 Clearance Required
Work Locations: Canberra, Sydney, Brisbane or Melbourne office + flexible WFH
The Cyber Security Section of the Digital Solutions Division (DSD) is seeking to engage an Application Developer to uplift the security posture of different applications across the department.
This role involves implementing secure fixes for vulnerabilities in legacy and high-risk applications. The Application Developer will collaborate with cybersecurity and technical specialists to mitigate risks, modernise legacy systems, and ensure secure, functional applications.
Duties and Responsibilities:
* Analyse and implement code fixes for vulnerabilities identified in application security assessments;
* Refactor and enhance legacy codebases to meet modern security standards;
* Collaborate with software engineering and cybersecurity specialists to ensure secure integration of solutions;
* Assist in setting up secure development environments for testing and remediation work;
* Provide development expertise to application delivery teams lacking active developers;
* Develop strategies to secure technologies from multiple eras;
* Conduct cyber security assessments, vulnerability scans and pen testing to identify potential risks and vulnerabilities;
* Build infrastructure and tooling to automate and move cyber security activities left;
* Collaborate, drive and build a program of work to uplift the way the organisation identifies and makes risk based decisions for applications.
Essential Criteria:
* Strong programming skills in multiple languages such as Java, .NET, and Python;
* Experience with legacy systems and technologies, including debugging and upgrading outdated code;
* Knowledge of secure coding practices and secure software development lifecycle (SDLC);
* Familiarity with CI/CD pipelines and version control tools (e.g., Git);
* Ability to collaborate with cross-functional teams to deliver secure, high-quality solutions;
* Experience with secure coding principles deriving from frameworks such as OWASP.