Security Design Lead

Rabobank is the world’s leading specialist in food & agribusiness banking. One of our key strengths lies in our people who have a deep understanding of agriculture & are committed to adding long-term value for clients. Our commitment to our employees & clients is at the heart of everything we do.

Rabobank’s Technology Engineering Security Team is accountable for designing, developing, & implementing cybersecurity controls to detect & mitigate threats. The team comprises of Security Architecture, Vulnerability Management, Security Testing & Red Team. The team now has an opening for a Security Design Lead based in Sydney

The Security Design Lead is an individual contributor role that will spearhead the integration of security practices within DevOps processes, ensuring alignment with the bank's security strategy & architecture. You will play a key role in implementing robust security & compliance measures across the SDLC, with a focus on delivering secure, scalable, & automated solutions.

Top Role Accountabilities:

• Align Security Strategy: Partner with architects to embed secure design patterns & DevOps practices aligned with compliance goals
• Conduct Security Reviews: Perform technical assessments & secure design reviews across both in-house & cloud-based deployments ensuring secure configurations
• Automate & CI/CD Integration: Develop & integrate tools for continuous security testing (SAST, DAST, SCA, IaC) into CI/CD pipelines
• Automated Security Audits: Build automation solutions to detect monitor & detect misconfigurations. Implement policy-as-code frameworks to enforce security guardrails
• Enhance Tooling: Develop APIs integrations & recommend configuration improvements to enhance efficiency & usability
• Promote Secure Coding: Guide teams on secure coding standards to reduce vulnerabilities in software development
• Threat Modelling: Lead threat modelling exercises to identify potential security threats & design countermeasures within DevOps workflows
• Cross-Functional Collaboration: Work with development, operations, & security teams to foster a culture of security awareness & shared responsibility. Champion the implementation of shift-left security practices within Technology Teams. Support internal & external audit & compliance initiatives
• Risk Management: Collaborate with the vulnerability management team to conduct risk assessments & prioritise remediation efforts based on business impact & threat severity
• Documentation & Reporting: Provide guidance to teams on maintaining documentation of security designs, processes & compliance measures. Deliver regular security reports, playbooks, & infrastructure & application hardening guides

To be successful you will have:

• 5+ years of experience in security engineering, DevOps, or related fields, with 3+ years focused on security within DevOps practices across hybrid cloud environments
• In-depth knowledge of DevOps pipelines & secure SDLC integration
• Hands-on expertise with infrastructure-as-code tools such as Bicep, ARM templates, Terraform, & YAML pipelines
• Proficiency with automation tools (e.g., Terraform, Ansible) & CI/CD platforms (e.g., Jenkins, GitLab, GitHub Actions, Azure Pipelines)
• Proven ability to collaborate with developers & platform engineers to embed security into design, deployment, & monitoring workflows
• Demonstrated experience integrating security tools into CI/CD pipelines (e.g., Qualys, Check Marx, or similar vulnerability management solutions)
• Strong understanding of security best practices in infrastructure-as-code environments
• An ability to build & manage automation tools for security validation, policy enforcement, & compliance reporting
• Excellent problem-solving skills with a focus on designing secure, scalable, & resilient solutions
• Solid grasp of common vulnerabilities, attack vectors, & modern security defence strategies
• Deep knowledge of secure coding standards (e.g., OWASP ASVS, CERT SCP, NIST SSDF)
• Practical experience with threat modelling methodologies such as STRIDE or DREAD
• Familiarity with leading security frameworks & benchmarks (e.g., NIST, CIS, STIG, Cloud Security Benchmarks)
• Knowledge of risk management frameworks & compliance standards (e.g., ISO 27001, SOC 2, PCI-DSS)

Applicants must hold valid work rights for this role.

Our Values

Rabobank Australia values inclusion, belonging, & positive experiences for all. Our work environment, our benefits, & the way we live our values, “Client Driven”, “Responsible”, “Professional” & “Cooperative” make it a great place to work. We welcome applicants from diverse backgrounds.

Please let our Talent Acquisition team know if you need any accommodations to make our opportunities more accessible to you.

What we're proud to offer you:

• Rabo@Anywhere is our hybrid way of working at Rabobank & for Australia, that means we have a blend of time working between the office for 2 days & home
• Wellbeing leave. These 2 extra leave days support greater work/life balance & is just another way we are helping our employees to lead happier, healthier, & more fulfilling lives
• Education Assistance Program. Rabobank values the development of its people & has a great Education Assistance Program to assist with professional development.
• Bonus & Additional Leave. We realise sometimes 4 weeks Annual Leave isn't enough! At Rabobank we provide an incentive for eligible employees to receive 1 extra week Annual Leave & an option to purchase another 2 weeks Annual Leave
• Extra Insurance. Rabobank recognises that employees need to protect their financial wellbeing, in the event of serious illness, injury, or even death. Rabobank provides eligible permanent employees with employer-funded Death, TPD & Income Protection Insurance
• Rabo Workplace Giving program. As part of Rabobank's global Corporate Social Responsibility, Workplace Giving aims to encourage employees to contribute to our community. Rabo Workplace Giving program matches employee donations to selected Social Partners