AppSec Jobs
← Back to all jobs

Thales

Principal Consultant, Application Security

Melbourne, Victoria, AustraliaWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About Thales

Thales Group is a French multinational corporation based in Paris, specializing in aerospace and defense. Founded in 1893, the company has evolved through various mergers and rebranded as Thales in 2000 to unify its global presence. Thales designs and manufactures a wide range of systems, including defense electronics for air, land, sea, and space applications, as well as cybersecurity solutions that protect critical infrastructure. The company also provides aerospace avionics for both commercial and military aircraft, radar and sensor systems for surveillance and air traffic control, and secure communications systems. Operating in over 68 countries, Thales serves government, military, aerospace, and security sectors, generating significant revenue from its military activities. With a history of strategic acquisitions and partnerships, Thales continues to expand its capabilities and global footprint, delivering integrated solutions to a diverse range of customers worldwide.

Industry

defense & space

Employees

79,000

11568 engineers

Revenue

$21B

Website

Visit →

Security at Thales

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • Thales's application security philosophy, influenced by its Imperva acquisition, emphasizes the critical importance of API security, automated threat detection, and embedding security into development processes through DevSecOps.
  • They state that "API security is no longer optional - it's fundamental to maintaining business continuity and trust."and that "As we step into 2025, the critical importance of application and API security has never been more evident."The company promotes "DevSecOps practices, embedding security into development processes."and highlights that "Imperva Application Security integrates advanced threat detection engines with automated inline responses."Furthermore, they acknowledge that "More than half of all internet traffic is now automated.".

Security Team

  • Key public-facing leaders for application security include Tim Chang (Global VP & GM, Application Security) and Nanhi Singh (Head of Application Security Products / Chief Imperva Customer Officer as of blog date).
  • As of, LinkedIn Jobs showed 17 Thales Security Engineer Jobs in United States (search summary), including DevSecOps and Application Security roles.
  • Evidence describing the internal AppSec org model (centralized vs. embedded) and formal reporting line to CISO/CTO was not found in accessible public pages.

Key Initiatives

Thales/Imperva communications emphasize API security, detection and automated mitigation capabilities, and DevSecOps adoption driven by API growth. Specifically, "Imperva Application Security integrates advanced threat detection engines with automated inline responses"and promotes "DevSecOps practices, embedding security into development processes."Information regarding an internal Security Champions program, ticketing SLAs (e.g., MTTR or critical findings within X days), or detailed triage/remediation workflows are not publicly available.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.