AppSec Jobs
← Back to all jobs

Endeavour Group

Senior Application Security Engineer

Melbourne, Victoria, AustraliaWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About Endeavour Group

Endeavour Group Ltd is a prominent Australian company focused on alcoholic drinks retailing, hotel operations, and poker machine management. Established in 2019 as a spin-off from Woolworths Group, it became a separate entity listed on the Australian Securities Exchange in June 2021. The company operates through three main segments. In retail, Endeavour Group runs over 1,700 stores under well-known brands like Dan Murphy's and BWS, along with specialty businesses such as Langton's and Jimmy Brings. Its hotel operations, managed under the ALH Group brand, encompass more than 350 hotels across Australia, providing food, drinks, accommodation, and entertainment. Additionally, the company supports corporate functions and services through its other segment. Endeavour Group is Australia's largest retail drinks network and holds the largest portfolio of licensed hotels in the country. In 2024, it generated over AUD 12.3 billion in revenue and employed around 30,000 people. The company is also exploring new markets, including a recent investment in the esports company Fortress.

Industry

retail

Employees

30,000

104 engineers

Revenue

$7.9B

Website

Visit →

Security at Endeavour Group

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • Endeavour Group's AppSec philosophy emphasizes championing a security-first culture, leading the improvement of the Software Development Lifecycle (SDLC), building and improving scalable automation, and consulting and mentoring development teams on application security.
  • Their approach leans towards developer enablement rather than gatekeeping, and they focus on threat modeling, security architecture, and driving remediation of identified vulnerabilities.
  • Key areas of focus include DevSecOps, Azure infrastructure, OWASP, Container Security, Kubernetes, and security tools like SCA, DAST, and SAST.

Security Team

The public-facing AppSec personnel include Akella Divyatej, identified as a Senior Application Security Engineer at Endeavour Group, and Steven Rebello, named as the CISO. Steven Rebello reports into group CIO Claire Smith. However, the explicit organizational model and reporting chain for the AppSec team, as well as an estimate of the team size, are not publicly available.

Key Initiatives

Endeavour Group's initiatives include leading the improvement of their Software Development Lifecycle (SDLC), building and improving scalable automation, and driving the remediation of identified vulnerabilities. They also focus on consulting and mentoring development teams on application security, and designing and delivering application security awareness and training. Specific details regarding a formal Security Champions program, vulnerability management SLAs, ticketing workflows, MTTR figures, or triage ownership language are not publicly available.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.