Job title: AppSec Engineer
Job type: Contract
Emp type: Full-time
Industry: Consumer
Location: Australia
Job published: 14-02-2026
Job ID: 63583

Job Description

You’ll be the only AppSec engineer based in Australia, reporting to the Head of Product Security overseas and working for a large US eCommerce platform.

That means you’ll own AppSec locally, from spotting vulnerabilities to making sure they’re fixed. It’s hands-on work, not just pointing out problems. If you find an XSS in a web app, you’ll look at the PR, make the fix if it’s simple, or coordinate the change if it requires a bigger architectural update. You’ll also take ownership of tasks like rotating credentials and securing databases.

The role covers traditional web app security (mainly .NET) as well as cloud security in Azure. You’ll work with tools like Wiz, Oligo, runtime protection platforms, and AI-assisted security review tooling. Your job isn’t just to run scans; you’ll dig into the findings, validate true positives, understand the root cause, and turn them into controls.

Compliance is part of the picture too. The company is going through PCI and SOC 2, so you’ll help build and enforce controls that align with these frameworks. 

If you want to talk, call, text or email - russell@theonset.com.au / 0438984265