This newly created role is an exciting opportunity for a highly technical Cyber Security Engineer, familiar with building cyber tools in a Devops, agile environment.
As part of a centralised division, you will be responsible for helping this business deliver results securely by implementing key cyber security strategies and emerging technologies.
We are looking for somebody highly passionate about Cyber, who has come from a Software engineering background and can talk about coding /programming and has moved into securely building tools with the CI/CD pipeline in highly technical environments. As a lead engineer, you will be tasked with end to end project delivery as well as building relationships with other technical teams.
A big part of the role is working with the data anaytics team and understanding how the data tools will fit in with cyber security standards and tools.
In this role you will:
Work with the Corporate Security Operations team, Engineering teams, Information Security Office and business partners.
Provide inputs to solution architecture and high-level design documentation.
Take detailed designs and deliver Cyber changes to help operationalise the data platform and other corporate devision changes
Guide and implement technical design and development decisions by pragmatically balancing cyber security requirements with business needs
Engineer and automate security into all layers of the technology platform or service to achieve secure by design and privacy by design from the start.
Research, identify and implement potential configurations or development artifacts to meet the cyber security policies and standards across the technology stack.
Collaborate with stakeholders to configure and manage resources, data access and protection, and applications.
Capture, monitor and analyse security logs and proactively identify and mitigate incoming threats against data and technology resources.
Strong experience securing and integrating cloud and security tooling, within AWS and Azure.
Strong scripting & coding experience in: Python, Java or similar
Writing and reviewing deployment templates with Kubernets or Terraform
Good working knowledge and experience with Kubernetes, artefact scanning.
Working knowledge of database security configuration and policy management (IAM, schema)
Strong experience in analysing and optimising security configurations.
Strong experience with secure coding practices and DevSecOps environments, code versioning tools (Gitlab) and build automation tools.
Experience in managing CI/CD pipeline.
Experience delivering capabilities using agile methodology.
Experience with one or more key security domains for example security monitoring and vulnerability management, network security products, data loss prevention, identity & access management, PKI and cryptographic technologies.
Experience with data engineering platforms, APIs and hybrid cloud environments will be highly regarded
These certifications, qualifications and frameworks you’ll be familiar with and may hold:
Degree in Computer Science, Software Engineering, Information Technology or Cyber Security specialisation.
ICS2 (CISSP), CREST, CEH, CISA, CISM or other cyber security industry certification would be highly regarded.
Familiarity with NIST, CIS benchmarks, ISO security and privacy frameworks a plus.
This is a permanent position that offers remote working and flexible working arrangements, but will require some face to face team work when safe and applicable. The role can be based in Melbourne or Perth.