Principal Consultant, Application Security
Thales
At Thales, we know technology has the ability to make our world more secure, sustainable, and inclusive – and that it’s all driven by human intelligence.
Because it takes human intelligence to build and power the systems and solutions that people depend on every day. So we stay curious and make space for diverse points of view. We share what we know and we challenge what’s possible.
From manufacturing and engineering to cybersecurity and space, we’re driving progress in some of the world’s most important industries – and working together to build a future we can all trust.
Location - Melbourne or Sydney
OUR BENEFITS
In addition to interesting, engaging opportunities that impact at scale, and ongoing personal and professional development opportunities, Thales Cyber can offer you:
Competitive remuneration structure
Hybrid and flexible working options under the Thales Flex program
Paid parental leave and family support through Parents at Work
The day off on your birthday each year
Novated Lease options
Ongoing personal and professional development opportunities
Sonder – Wellbeing & Support Partner
ABOUT THALES
Thales delivers cybersecurity products and services that keep people and assets safe, giving organisations confidence in the security of their digital journeys. Our solutions are deployed in 148 countries, helping governments to maintain sovereignty, and organisations to preserve their strategic autonomy.
Thales is a global leader in cybersecurity - no.1 in data security - with 6,000+ experts and developers. We bring trust and resilience to key industries including finance, health, retail and manufacturing, as well as vital sectors such as aerospace, critical infrastructure, defence and space.
YOUR ROLE
As the new Principal Consultant you will spearhead high-impact engagements across hybrid and multi-cloud environments. In this role, you’ll lead end-to-end delivery of secure application architectures, API security, DevSecOps integration, and threat protection for major enterprise clients.
You’ll act as the technical authority on projects, shaping solutions alongside Cloud and Security Architects, guiding secure designs, and ensuring excellence across WAF, DDoS, API gateways, and secure code pipelines. You’ll also mentor engineers, uplift capability, and contribute to pre-sales, practice growth, and stakeholder engagement.
What You’ll Do:
Lead complex application and API security engagements across cloud and hybrid environments
Own solution quality, delivery outcomes, and technical leadership for major clients
Design and implement WAF, DDoS, and API security solutions (Cloudflare, Imperva, Azure Front Door, Apigee, AWS/GCP/Azure)
Embed DevSecOps practices and security tooling into CI/CD pipelines
Drive automation via IaC (Terraform, Bicep, CloudFormation) and secure deployment patterns
Mentor AppSec and DevSecOps engineers to uplift capability and delivery consistency
Engage confidently with technical and executive stakeholders
Support pre-sales, SoWs, and technical workshops
What You’ll Bring:
Proven Application Security or DevSecOps consulting experience
Deep experience with WAF, DDoS, API gateways, and secure SDLC
Strong hands-on capability integrating SAST/DAST/SCA tools into CI/CD
Cloud-native security expertise across AWS, Azure, or GCP
Solid understanding of frameworks such as OWASP, Essential Eight, ISO 27001, NIST CSF
Strong communication and stakeholder engagement skills
Certifications in cloud or AppSec highly regarded
WE ENCOURAGE YOU TO APPLY
After you have applied, you will receive an email acknowledging your application. We’ll then provide a personalised experience for suitable applicants as we progress the selection and assessment process. Prior to being offered employment, you will need to complete pre-employment police and depending on the role type, medical checks as well.
#LI-Onsite #LI-RK1
It’s easy to dismiss the perfect opportunity if you don’t see yourself as the perfect fit. If this role feels right – no matter your background or personal circumstances – please introduce yourself or join our community. We’re committed to supporting a diverse workplace, and that starts here.
We’re proud to be endorsed by WORK180 as an Employer for All Women, but we know there’s always more we can do. We’ll continue to foster industry partnerships, employee resource groups (ERGs) and development opportunities to make Thales a genuinely equitable employer, for everyone.
