Technical Product Owner Application & Container Security

It begins at Bendigo Bank

Weve never been just a bank. Just like you should never be just an employee. Were united in our belief that in banking better can be bigger and together were making it happen.

It starts here. With Bendigo Bank and you.

About the opportunity

At Bendigo Bank we are committed to being Australias bank of choice. As we accelerate our digital transformation securing the software that powers our customer experiences is paramount. We are looking for a passionate and experienced leader to own and drive the strategy for our application and container security capabilities.

In this critical hands-on role you will act as both a strategic product owner and a deep technical leader for application and container security. Youll have complete ownership of the security toolchainfrom SAST and DAST to container securitythat protects our software from the first line of code to the cloud.

As the Technical Product Owner youll define the vision and prioritize the roadmap for these tools. Youll be the go-to expert guiding our developers and platform engineers on how to build secure software from the ground up. Ultimately your mission is to empower our engineering teams by making security a seamless and integral part of the development lifecycle allowing us to deliver secure and resilient applications at speed.

In this role youll get to

• Define the product vision and roadmap for our application and container security tools prioritizing work to reduce risk and deliver the most value.
• Act as the lead expert on secure coding integrating security tools into developer workflows and championing DevSecOps practices across engineering teams.
• Manage the full lifecycle of our security tools from evaluation to operation while automating security testing to make our response to vulnerabilities faster and more efficient.
• Partner with development and operations teams to make security seamless while also working with risk and compliance to ensure we meet all regulatory requirements.

What youll bring to the role

To be successful in the role you will have:

• Significant hands-on experience in application security with deep technical knowledge of security vulnerabilities (OWASP Top 10) and testing methodologies (SAST DAST SCA IAST).
• Demonstrated practical experience with container technologies (Docker Kubernetes) and container security principles (image scanning runtime protection network policies).
• Proven experience integrating security tools into CI/CD pipelines (e.g. GitLab CI Jenkins DevOps).
• Experience in a Product Owner or similar role with a strong understanding of Agile principles backlog management and roadmap development.
• Familiarity with the Australian financial services regulatory landscape is highly desirable.
• Excellent communication skills with the ability to articulate complex technical concepts to both technical and non-technical stakeholders.
• A collaborative mindset and a passion for empowering developers to build secure code.
• Relevant industry certifications are highly regarded (e.g. CSSLP GCSA CKA/CKAD/CKS).

We offer flexible work options that put our people first working in a hybrid model with a minimum local Head Office attendance requirement determined by your Leader to find a rhythm that works best for you and your team. We believe that coming into the office some of the time is the best way to learn stay connected and collaborate effectively especially for key activities like team days 1:1s and town halls.

We believe a diverse workforce supported by an inclusive culture is central to our success and we actively encourage applications from those who bring diversity of thought to our business. We support candidate requests for adjustment to accommodate an illness injury or disability to equitably participate in the selection process.

If this sounds like an opportunity for you check out the attached Position Description and apply.

Please note all internal candidates are required to notify their immediate leader when applying for a new career opportunity and you will be asked to acknowledge they have done so upon submission of your application.

Please contact the Hiring Leader Ian Waters (Head of Security Strategy Enablement & Engineering) or Kate Weston (SeniorTalent Acquisition Advisor) for a confidential discussion if there are any concerns meeting this requirement during the application processor if you would like to discuss the position further.

For more information check out the Application Process for Internal Candidatespage.

Still in two minds

Research suggests 60% of women and underrepresented groups might stop here even after getting as far as drafting an application. We believe that diversity makes every team stronger so even if you dont tick every box we still want to see your application!

Please note shortlisting and interviews may take place prior to the advertised close date so dont delay apply now!