AppSec Jobs
← Back to all jobs

Westpac

Principal Security Engineer

Sydney, New South Wales, AustraliaWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About Westpac

Westpac Banking Corporation, established in 1817, is Australia's first and oldest banking institution. Headquartered in Sydney, it operates as one of the country's Big Four banks, serving over 13 million customers across Australia, New Zealand, and seven South Pacific nations. The company employs approximately 35,000-36,500 people and manages total assets of USD 684.1 billion, with projected revenue of AUD 58.4 billion for 2025. Westpac offers a wide range of banking and financial services through its five main divisions: Consumer Bank, Commercial and Business Bank, BT Financial Group, Westpac Institutional Bank, and Westpac New Zealand. Services include everyday banking, loans, business services, and wealth management. The company is committed to sustainability and community support, with initiatives like financial hardship assistance and the Westpac Outstanding Women Awards.

Industry

banking

Employees

36,000

948 engineers

Revenue

$15B

Website

Visit →

Security at Westpac

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

Westpac's stated AppSec mission is "Cyber security specialists make everyone safer." The organization prioritizes protecting customers through comprehensive, real-time authentication and fraud detection platforms. Developer enablement approach and risk philosophy details are not publicly documented.

Security Team

The AppSec team at Westpac includes key leaders such as Nina Juliadotter (Application Security Practice Lead), Bernard Cacayan (Senior Manager, Application Security), and Ian Evans (Cloud & Application Security). Estimated team size is 5-10 members based on public LinkedIn profiles. The team reports into the broader cybersecurity organization, though specific reporting lines to CISO or CTO are not publicly available.

Key Initiatives

  • Recent initiatives include public-facing outreach and recruitment activities within the Application Security Team.
  • No public documentation found describing specific vulnerability lifecycle SLAs, triage workflows, or security champions programs..

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.