Technical Product Owner - Application & Container Security

“It begins at Bendigo Bank”

We’ve never been ‘just a bank’. Just like you should never be ‘just an employee’. We’re united in our belief that in banking, better can be bigger, and together we’re making it happen.

It starts here. With Bendigo Bank… and you.

About the opportunity

At Bendigo Bank, we are committed to being Australia's bank of choice. As we accelerate our digital transformation, securing the software that powers our customer experiences is paramount. We are looking for a passionate and experienced leader to own and drive the strategy for our application and container security capabilities.

In this critical, hands-on role, you will act as both a strategic product owner and a deep technical leader for application and container security. You'll have complete ownership of the security toolchain—from SAST and DAST to container security—that protects our software from the first line of code to the cloud.

As the Technical Product Owner, you'll define the vision and prioritize the roadmap for these tools. You'll be the go-to expert, guiding our developers and platform engineers on how to build secure software from the ground up. Ultimately, your mission is to empower our engineering teams by making security a seamless and integral part of the development lifecycle, allowing us to deliver secure and resilient applications at speed.

In this role you’ll get to…

• Define the product vision and roadmap for our application and container security tools, prioritizing work to reduce risk and deliver the most value.
• Act as the lead expert on secure coding, integrating security tools into developer workflows and championing DevSecOps practices across engineering teams.
• Manage the full lifecycle of our security tools, from evaluation to operation, while automating security testing to make our response to vulnerabilities faster and more efficient.
• Partner with development and operations teams to make security seamless, while also working with risk and compliance to ensure we meet all regulatory requirements.

What you’ll bring to the role

 To be successful in the role you will have:

• Significant hands-on experience in application security, with deep technical knowledge of security vulnerabilities (OWASP Top 10) and testing methodologies (SAST, DAST, SCA, IAST).
• Demonstrated practical experience with container technologies (Docker, Kubernetes) and container security principles (image scanning, runtime protection, network policies).
• Proven experience integrating security tools into CI/CD pipelines (e.g., GitLab CI, Jenkins, DevOps).
• Experience in a Product Owner or similar role, with a strong understanding of Agile principles, backlog management, and roadmap development.
• Familiarity with the Australian financial services regulatory landscape is highly desirable.
• Excellent communication skills, with the ability to articulate complex technical concepts to both technical and non-technical stakeholders.
• A collaborative mindset and a passion for empowering developers to build secure code.
• Relevant industry certifications are highly regarded (e.g., CSSLP, GCSA, CKA/CKAD/CKS).

We offer flexible work options that put our people first, working in a hybrid model with a minimum local Head Office attendance requirement determined by your Leader, to find a rhythm that works best for you and your team. We believe that coming into the office some of the time is the best way to learn, stay connected and collaborate effectively, especially for key activities like team days, 1:1s, and town halls.

We believe a diverse workforce supported by an inclusive culture is central to our success and we actively encourage applications from those who bring diversity of thought to our business. We support candidate requests for adjustment to accommodate an illness, injury, or disability to equitably participate in the selection process.

If this sounds like an opportunity for you check out the attached Position Description and apply.  TECHNI~1.PDF

Please note, all internal candidates are required to notify their immediate leader when applying for a new career opportunity and you will be asked to acknowledge they have done so upon submission of your application.

Please contact the Hiring Leader – Ian Waters (Head of Security Strategy, Enablement & Engineering) or Kate Weston (Senior Talent Acquisition Advisor) for a confidential discussion if there are any concerns meeting this requirement during the application process, or if you would like to discuss the position further. 

For more information, check out the Application Process for Internal Candidates page. 

Still in two minds?

Research suggests 60% of women and underrepresented groups might stop here, even after getting as far as drafting an application. We believe that diversity makes every team stronger, so even if you don’t tick every box we still want to see your application!

Please note shortlisting and interviews may take place prior to the advertised close date, so don't delay apply now!