DevSecOps Manager

• Make your move. Make your mark
• Put your fingerprints on the future to progress your career
• Make a difference, make it meaningful

The opportunity to join our team

We are excited to offer a new opportunity for a DevSecOps Manager to join our Cyber Security team at Insignia Financial. As we grow our cyber security initiatives to protect our valuable information assets and ensure compliance with regulatory requirements, this role will be key in embedding security throughout our development processes, with a major focus on CI/CD and DevSecOps. Building and maintaining security pipelines with tools like Jenkins or GitHub, specifically focusing on hardening web applications.

Key Responsibilities include:

• Lead Secure SDLC Governance: Design and enforce a secure SDLC framework, ensuring security practices are embedded across all development phases—whether agile, waterfall, or hybrid
• Integrate Security into CI/CD: Collaborate with DevOps to seamlessly embed security checks, automated testing, and real-time monitoring into our CI/CD pipelines
• Promote DevSecOps: Be the advocate for DevSecOps, promoting collaboration between dev, ops, and security teams while offering training on secure coding and security-as-code
• Verify Security Controls: Ensure that implemented security controls are robust, mitigating real-world cyber threats through rigorous testing, assessments, and audits
• Embrace Collaboration: Build strong relationships with cross-functional teams, communicating security risks and solutions to both technical and non-technical stakeholders
• Leverage experience with threat modelling frameworks and approaches to implement a threat-driven strategy in establishing SDLC governance and secure coding practices

What you will bring

We are looking for a standout professional with a strong background in application security or DevSecOps and a history of successfully embedding security into the SDLC.

• Proficient in secure coding practices and leveraging SAST, DAST, and SCA tools like Dependabot, NexusIQ, and Sonarqube to identify and mitigate vulnerabilities in applications, including SQL injection, cross-site scripting, etc.
• A passion for weaving security into every stage of development, embracing DevSecOps principles, and driving secure practices across teams
• Strong interpersonal skills to collaborate effectively with developers, project managers, and cross-functional teams, and the ability to proactively influence stakeholders to achieve better security practices/outcome
• Familiarity with security frameworks and regulations like NIST, ISO 27001, and other industry standards
• Bonus points for holding certifications like CISSP, CSSLP, Certified Kubernetes App Developer (CKAD), CKS / CKA and AWS Certified DevOps Engineer
• A degree in Computer Science, Information Security, or equivalent experience

Find the better way

What gets us excited about working here? Helping people feel good about their money as one of Australia’s leading financial wellbeing organisations. From those starting out to those retiring. As your team, we’ll show up for you and together we will create financial wellbeing for every Australian. Because we know people who are confident about their financial future live better lives. If this sounds like your kind of career, you sound like our kind of person. With us, you’ll do work that builds your technical know-how and challenges our entire industry to move forward. Along the way, you’ll be free to explore new ideas and technology, solve problems in a team, and independently to get great things done. Around here, we like to call it “putting our fingerprints on the future”.

People-inspired tech

Deep expertise combined with creativity can take on the trickiest of problems. Join our team of brilliant minds and mentors as we explore our way to innovation and apply technology in more human ways than ever.

Read more here about why you should join our team.

Applicants will be required to provide evidence of their eligibility to work in Australia, and at a minimum be required to undertake police and basic credit checks as a condition of employment.

Please note that applications from agencies will not be considered at this time.

We acknowledge and celebrate the richness that individual differences bring to our team. If you need assistance or an adjustment during the application process, please reach out and let us know.