We’re a leading business management solution with a core purpose: helping more businesses in Australia and New Zealand start, survive and succeed.
At MYOB, we believe what’s good for one business is good for all business—and for all of us. Whether you support them, work for them, or dream of building your own, when businesses run smoothly, everybody feels it. Owners, employees, customers, suppliers—even families. That’s why we’re here: to give every person in business the tools they need to focus on what really matters and do Big Things—whatever big looks like for them.
And for you? Joining MYOB means being part of that impact. It means using your skills to help businesses thrive, shaping the future of work, and growing alongside the people and communities we support. Because while we’re the business of software, we’re really in the business of people. And that makes MYOB Everyone’s Business.
About the role
Breaking things is fun. Designing controls to avoid bugs - that’s the real challenge.
If you’ve spent your career hunting bugs or triaging endless appsec backlogs, you’ve probably thought “If I could just get in earlier".
Welcome to your next move!
What you will do
You will manage security for your assigned business domains, embedding yourself into the lifecycle of our SaaS products. You get to be the architect, the strategist and the trusted advisor:
- Own Your Domain: Partner directly with product and leadership teams to define practical security requirements throughout the software lifecycle.
- Move Beyond the Checklist: Lead threat and security architecture reviews with direct product feedback and actionable outcomes for fast-moving cloud products.
- Empower: Work side-by-side with product teams, improve processes and mentor teams on security best practices.
- Make it count: You have the autonomy to experiment, create better workflows, build better tools, patterns and trial new technologies that scale without slowing things down.
Who you are
We need someone who can genuinely own security for a major part of our tech stack.
- The AppSec or Pentest: You have a deep understanding of application security. You know your way around code, modern web apps, contemporary architectures and SaaS infrastructure. You’re ready to channel that "attacker mindset" into helping us build resilient software.
- The change excites you: You are comfortable operating with vague requirements and diverse day-to-day. Risk discussion with tech-leadership at 1:00pm, dive into security architecture review at 3pm.
- The pragmatist: You understand that security does not exist in a vacuum. You collaborate, build rapport, ask for help when you need it and design creative realistic solutions that balance risk with shipping features.
- Autonomy: You are a self-starter with a give it a go attitude. You are up to date with security trends, you are not afraid to make a call and own your decisions.