At Thales, we know technology has the ability to make our world more secure, sustainable, and inclusive – and that it’s all driven by human intelligence.

Because it takes human intelligence to build and power the systems and solutions that people depend on every day. So we stay curious and make space for diverse points of view. We share what we know and we challenge what’s possible.

From manufacturing and engineering to cybersecurity and space, we’re driving progress in some of the world’s most important industries – and working together to build a future we can all trust.

Location - Melbourne or Sydney

OUR BENEFITS

In addition to interesting, engaging opportunities that impact at scale, and ongoing personal and professional development opportunities, Thales Cyber can offer you:

Competitive remuneration structure

Hybrid and flexible working options under the Thales Flex program

Paid parental leave and family support through Parents at Work

The day off on your birthday each year

Novated Lease options

Ongoing personal and professional development opportunities

Sonder – Wellbeing & Support Partner

ABOUT THALES

Thales delivers cybersecurity products and services that keep people and assets safe, giving organisations confidence in the security of their digital journeys. Our solutions are deployed in 148 countries, helping governments to maintain sovereignty, and organisations to preserve their strategic autonomy.

Thales is a global leader in cybersecurity - no.1 in data security - with 6,000+ experts and developers. We bring trust and resilience to key industries including finance, health, retail and manufacturing, as well as vital sectors such as aerospace, critical infrastructure, defence and space.

YOUR ROLE

As the new Principal Consultant you will spearhead high-impact engagements across hybrid and multi-cloud environments. In this role, you’ll lead end-to-end delivery of secure application architectures, API security, DevSecOps integration, and threat protection for major enterprise clients.

You’ll act as the technical authority on projects, shaping solutions alongside Cloud and Security Architects, guiding secure designs, and ensuring excellence across WAF, DDoS, API gateways, and secure code pipelines. You’ll also mentor engineers, uplift capability, and contribute to pre-sales, practice growth, and stakeholder engagement.

What You’ll Do:

Lead complex application and API security engagements across cloud and hybrid environments

Own solution quality, delivery outcomes, and technical leadership for major clients

Design and implement WAF, DDoS, and API security solutions (Cloudflare, Imperva, Azure Front Door, Apigee, AWS/GCP/Azure)

Embed DevSecOps practices and security tooling into CI/CD pipelines

Drive automation via IaC (Terraform, Bicep, CloudFormation) and secure deployment patterns

Mentor AppSec and DevSecOps engineers to uplift capability and delivery consistency

Engage confidently with technical and executive stakeholders

Support pre-sales, SoWs, and technical workshops

What You’ll Bring:

Proven Application Security or DevSecOps consulting experience

Deep experience with WAF, DDoS, API gateways, and secure SDLC

Strong hands-on capability integrating SAST/DAST/SCA tools into CI/CD

Cloud-native security expertise across AWS, Azure, or GCP

Solid understanding of frameworks such as OWASP, Essential Eight, ISO 27001, NIST CSF

Strong communication and stakeholder engagement skills

Certifications in cloud or AppSec highly regarded

WE ENCOURAGE YOU TO APPLY

After you have applied, you will receive an email acknowledging your application. We’ll then provide a personalised experience for suitable applicants as we progress the selection and assessment process. Prior to being offered employment, you will need to complete pre-employment police and depending on the role type, medical checks as well.