As a Senior Software Engineer – Application Security (AppSec), you will uplift the developer ecosystem by optimising development tooling, workflows, and security controls. You will work cross-functionally to embed secure-by-default design principles, automated guardrails, and modern application security capabilities that empower engineers to build secure applications without compromising velocity. 

We have two vacancies on a 1-year max term to start. 

What will you be doing? 

• Partnering with security, platform, engineering, and product teams to design, implement, and embed secure development pathways (“paved roads”), guardrails, and SSDLC practices that integrate naturally into engineering workflows and CI/CD pipelines. 

• Configuring, integrating, and scaling modern AppSec tooling such as SAST, SCA, ASPM/ASM, and secret scanning, ensuring these capabilities are reliable, usable, and embedded into the software delivery lifecycle. 

• Leveraging GitHub Actions, CI/CD pipelines, policy-as-code, scripting, and orchestration to automate security checks, enforce controls, and streamline secure deployment processes without disrupting developer velocity. 

• Creating and maintaining templates, scripts, documentation, and self-service tooling that empower teams to adopt secure-by-default practices while reducing security friction, false positives, and manual overhead. 

• Defining metrics, gathering developer feedback, and analysing tooling outcomes to assess the effectiveness of AppSec initiatives, iterating on approaches to uplift both security maturity and developer experience. 

• Communicating with our Engineering cohort to share new tools, workflows, and secure engineering practices, while running enablement activities (docs, workshops, demonstrations) that drive secure adoption and ecosystem improvements.

• Staying on top of emerging vulnerabilities, security trends, and engineering productivity advancements, and building strong cross-functional relationships to influence secure behaviours and balance risk with usability and delivery outcomes. 

What are we looking for in you? 

• Experience building or securing cloud-native applications (Azure preferred) with SSDLC/shift-left security practices. 

• AppSec Tooling: Hands-on experience with modern AppSec tooling such as SAST, SCA, ASPM/ASM, and secret scanning in developer environments. 

• Practical experience with GitHub Actions, CI/CD pipelines, policy-as-code, or equivalent automation platforms. 

• Proficiency in scripting or infrastructure-as-code languages (e.g. PowerShell, JavaScript/Node.js, Bash, Terraform or similar) to build automations, actions, and platform integrations. 

• Empathy for engineering workflows with the ability to balance security, productivity, and usability. 

• Ability to influence technical stakeholders, articulate security impacts clearly, and work cross-functionally across engineering, security, and platform teams. 

• Previous exposure to GitHub administration or GitHub Advanced Security features such as code scanning, secret scanning, and dependency risk management will be highly regarded. 

What can we offer you? 

• Work with cutting-edge technologies and be part of a team driving digital transformation across RACWA. 

• Join a team that values personal development and enables continuous learning opportunities, certifications, and career progression within a supportive and growth-focused environment. 

• Benefit from flexible and hybrid working arrangements, including temporary remote work options and a focus on work-life balance. 

• Contribute to high-impact projects or products that directly enhance RACWA's services to its members and the community.

• Be part of an organisation that embraces diversity and inclusion, ensuring a welcoming environment for all employees. 

• Take advantage of a strong focus on employee wellbeing, including mental health support, wellness programs, and fitness incentives. 

• Engage in meaningful community and social responsibility initiatives that align with RACWA's values and mission. 

About RAC 

RAC WA is a member-focused organisation dedicated to serving the Western Australian community. Our mission is to create a safer, more sustainable, and connected future for all Western Australians. 
RAC values inclusivity, diversity, and flexibility in the workplace. As an Equal Opportunity Employer, we welcome everyone. For assistance during the application process, contact [email protected]. #LI-JC1