Senior Software Engineer – Apps Dev

The Department of Employment and Workplace Relations is looking to engage an Application Developer to work in the Cyber Security Section of the Digital Solutions Division (DSD).

The Application Developer will be part of a wider Tiger Team focussing on uplifting the security posture of different applications across the department. The Application Developer will play a vital role in implementing secure fixes for vulnerabilities in legacy and high-risk applications. This role involves collaborating with cybersecurity and technical specialists to mitigate risks, modernise legacy systems, and ensure secure, functional applications.

Duties and Responsibilities include:

• Analyse and implement code fixes for vulnerabilities identified in application security assessments.
• Refactor and enhance legacy codebases to meet modern security standards.
• Collaborate with software engineering and cybersecurity specialists to ensure secure integration of solutions.
• Assist in setting up secure development environments for testing and remediation work.
• Provide development expertise to application delivery teams lacking active developers.
• Develop strategies to secure technologies from multiple eras.
• Conduct cyber security assessments, vulnerability scans and pen testing to identify potential risks and vulnerabilities.
• Build infrastructure and tooling to automate and move cyber security activities left.
• Collaborate, drive and build a program of work to uplift the way the organisation identifies and makes risk based decisions for applications

Criteria

The buyer has specified that each candidate must provide a response to each criterion. Each response is limited to 3000 characters.

Essential criteria

1. Strong programming skills in multiple languages such as Java, .NET, and Python.
2. Experience with legacy systems and technologies, including debugging and upgrading outdated code.
3. Knowledge of secure coding practices and secure software development lifecycle (SDLC).
4. Familiarity with CI/CD pipelines and version control tools (e.g., Git).
5. Ability to collaborate with cross-functional teams to deliver secure, high-quality solutions.
6. Experience with secure coding principles deriving from frameworks such as OWASP.

Desirable criteria

1. Certifications such as CSSLP or secure development training.
2. Experience in remediating vulnerabilities identified through penetration testing.
3. Familiarity with education or government application environments.