Initial Contract Duration: Until 31 July 2025
Extension term details: 12 months
Number of extensions: 1
Location: ACT, NSW, QLD, VIC
Security Requirements: Must be able to obtain Negative Vetting Level 1
Working Arrangement: Hybrid

Flexible Working Arrangements (including remote working arrangements) will be considered on a case-by-case basis against the business requirements of the department and the needs of the immediate work area.

Reduced Activity Period - A reduced activity period may apply where the specified personnel will not work unless the buyer has provided pre-approval in writing, which includes:
• public holidays; and
• Christmas shutdown.

Maximum hours: 40 hours per week

About the Role:
SoftLabs is seeking a Senior Software Engineer for ICT Labour hire at their technology consulting based in ACT, NSW, QLD, VIC.

Job details
The Lead Software Engineer (Application Security) will play a key role within a security uplift focussed Tiger Team, driving efforts to uplift the security posture of departmental applications. This role focuses on leading technical and project management activities to address application-level vulnerabilities, modernise legacy systems, and implement secure solutions. The role will coordinate across teams to ensure successful security outcomes while enabling the department to meet its cybersecurity goals.

Key duties and responsibilities
As a technical team lead with a focus on application security, this position involves planning, oversight, and hands-on contribution to secure application development, vulnerability remediation, and the implementation of coding best practices.

Duties and Responsibilities:

Technical Leadership:
• Provide guidance and leadership to the Tiger Team, taking responsibility for project objectives.
• Act as the primary technical advisor for application security uplift initiatives, ensuring alignment with departmental priorities.
• Lead efforts to assess and modernise application environments, focusing on secure coding practices.

Project Coordination:
• Manage the lifecycle of application security uplift projects, including planning, execution, and reporting on progress.
• Collaborate with stakeholders, including cybersecurity, development, and application delivery teams, to prioritise and address vulnerabilities.
• Track project timelines, milestones, and deliverables to ensure the timely resolution of critical security issues.

Application Security Risk Remediation, Risk Mitigation, and Compliance:
• Oversee the implementation of secure coding practices to remediate vulnerabilities identified in penetration tests, code reviews, and scans.
• Guide development teams in applying security measures that align with modern standards (e.g., OWASP).
• Ensure proper validation and testing of remediated applications to maintain functionality and security.
• Collaborate with cybersecurity specialists to identify, assess, and mitigate application-level risks.
• Lead the development of secure configurations and ensure compliance with organisational security standards.

Stakeholder Communication:
• Serve as the primary point of contact for application security uplift efforts, providing regular updates to stakeholders, including the DSD CISO.
• Translate complex technical information into actionable insights for both technical and non-technical audiences.

Key Benefits:
• Opportunity to lead high-impact initiatives to improve the security of critical applications.
• Work at the forefront of cybersecurity and software development, influencing the department’s security strategy.
• Collaborate with a dynamic, cross-functional team focused on delivering innovative solutions.

Essential criteria

Leadership and Project Management:
o Proven experience in a technical leadership or team lead role, managing application security or software development projects.
o Strong project management skills, including the ability to coordinate cross-functional teams and manage competing priorities.

Application Security Expertise:
o In-depth knowledge of secure software development practices, vulnerability remediation, and modern application security standards (e.g., OWASP).
o Hands-on experience in application development, particularly in secure coding practices using languages such as Java, .NET, or Python.

Collaboration and Communication:
o Exceptional ability to collaborate across teams and communicate complex technical concepts to diverse audiences.
o Experience working in environments where application-level security is a priority, such as education, government, or regulated industries.

Technical Problem-Solving:
o Ability to troubleshoot and resolve complex technical issues in diverse application environments.

Desirable criteria
o Certifications such as CISSP, CSSLP, or PMP (Project Management Professional).
o Experience with legacy application modernisation, particularly in software and database security.
o Familiarity with SDLC processes, CI/CD pipelines, and application testing frameworks.
o Knowledge of compliance frameworks relevant to application security in government or regulated sectors.

Application Deadline: Monday, 27 January 2025
Expected Start Date: Thursday, 27 February 2025
Job Types: Contract
Rate: As per Australian Market Standards

If you are interested in this position, please click Apply with your resume in WORD and send your details for review. If you wish to have a confidential discussion, call us on 02 6108 3980 or 0410 756 040 for more information.