At a previous job I was told security wasn’t a big deal for internal-facing projects. I never quite bought it, but maybe I’ve read too many horror stories.
Do you work on internal or external-facing projects? And is security considered important for those projects? Do you personally consider it important?
My team primarily does internal applications and all code goes through static code analysis, and end to end encryption. Being a larger company means an increased risk of insider threats. So yes security is important, this day and age I consider trying to mitigate risks, internal and external, as best practice.