Application Security Specialist - Security Practice

ASB Bank

Remote

Application Security Specialist

Location: ASB C:Drive, Albany, Tāmaki Makaurau Auckland

About us | Mō Mātou

At ASB, security is not about gatekeeping or slowing teams down. It is about helping our people build secure, reliable technology from the start.

We are looking for an experienced

Application Security Specialist to join our Security Practice in Auckland. This is a senior individual contributor role for someone who enjoys working deeply with engineering teams, influencing how software is designed and built, and making a practical, visible difference to security outcomes.

This role is Auckland based and works in a hybrid way. It is a permanent position.

About The Team

Our Security Practice partners closely with Technology, Architecture and Delivery teams across ASB. We focus on building security into the way we work, rather than adding it at the end.

The team supports modern engineering practices across cloud, CI/CD and agile delivery. We work collaboratively with squads to improve security capability, set clear patterns and standards, and help teams take ownership of secure software. The emphasis is on trust, pragmatism and continuous improvement.

Why work in AppSec at ASB

This role is for experienced application security specialists who want to be involved early, have real influence, and see their advice turn into better systems.

At ASB You Will

  • Be involved across the full software development lifecycle, not just reviews at the end
  • Influence how applications are designed and built at enterprise scale
  • Balance hands on technical work with consulting and coaching teams
  • Help set direction through security patterns and secure design practices
  • Work in an environment that values collaboration, learning and practical outcomes over perfection

You will be trusted as a specialist and expected to use your judgement. The focus is on enabling secure delivery, not policing it.

About The Role

As an Application Security Specialist, you will work closely with engineering and delivery teams to improve application security outcomes across ASB. You will provide both hands-on technical input and consultative guidance, helping teams identify and address security risks early and effectively.

You will be involved in shaping how application security is approached across the organisation, while still staying close to the technology.

Key Responsibilities Include

  • Supporting secure design and engineering practices across the software development lifecycle
  • Leading application security activities such as design reviews, threat modelling, testing and code reviews
  • Identifying security risks and working with teams to define pragmatic mitigation plans
  • Helping secure build, deployment and CI/CD pipelines, including integration with security tooling such as SAST, DAST, IAST and SCA
  • Creating and maintaining application security and security engineering patterns
  • Partnering with Architecture, Engineering and Quality Assurance to ensure applications are robust and safe
  • Sharing knowledge and insights to lift application security capability across squads
  • Supporting security education and contributing to security champion initiatives
  • Continuously improving how application security operates at ASB

About You

You are an experienced application security specialist who enjoys working with people as much as with technology. You are comfortable influencing without authority and can explain complex security concepts in a clear, practical way.

You bring a strong foundation in application security and enjoy staying hands on while helping others do their best work.

You Will Likely Have

  • Strong experience in application security, including threat modelling, secure design and secure coding practices
  • A good understanding of common application security risks, controls and weaknesses
  • Experience working with modern development practices, including agile and DevSecOps environments
  • Familiarity with CI/CD pipelines and application security tooling
  • Experience with modern programming languages and web application technologies such as Java, Python, .NET, JavaScript frameworks and common web stacks
  • Exposure to cloud environments such as IaaS, PaaS, SaaS and containerised platforms
  • The ability to work effectively across multiple teams and stakeholders
  • Clear, professional communication skills and a pragmatic approach to problem solving

If you are an experienced AppSec specialist looking for a role where you can make a genuine impact, work closely with delivery teams, and help shape how security is done, we would love to hear from you.

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.

See more Remote jobs