Cyber Security Engineer

THE COMPANY

This company is a successful, rapidly growing, and innovative mid-sized Financial Services firm who employ 350+ staff across Australia.

What’s on offer?

• Involvement in a major cyber security uplift program across the whole organisation.
• Business size that allows your voice to be heard and the ability to influence decisions with no unnecessary red tape or bureaucracy.
• Ongoing training and professional development with an internal career path towards either a Cyber Security Architect or Cyber Security Manager in the future.
• Microsoft cloud first approach.
• Friendly, open, collaborative, and motivated team who are ‘getting things done!’
• Hybrid working – 3 days in office, 2 days WFH.
• Offices located close to public transport + free onsite parking

THE ROLE & RESPONSIBILITIES

Newly created Cyber Security Engineer, responsible for protecting cloud-based systems, data, and applications from cyber threats, ensuring compliance with security policies, and developing metrics and dashboards to identify areas for uplift/remediation.

You’ll join a newly created team in a heavily project-focused role critical to a major cyber security uplift program aligned to NIST and Essential Eight.

Key elements of the role include:

• Email, Endpoint, Identity & SaaS Security – through the management and optimisation of the full Microsoft Defender suite + Intune.
• Cloud Security - design, implement & manage strong cloud security measures in Azure.
• Vulnerability Management – manage & optimise Vulnerability Management tools (Defender); work with internal teams on patching/remediation; and develop automated metrics/dashboards for greater vulnerability insights.
• Security Management & Governance – manage Purview for DLP; produce security metrics from various data sources to enable better risk-based decision making; manage 3rd party pen testing; develop threat models to analyse & recommend improved security measures/solutions.
• Security Monitoring & Response – work with an external SOC and lead investigations and IR processes; lead post-incident review/reporting; automate threat detection and IR processes.
• Teamwork, Collaboration & Training – working with cross-functional teams to educate, communicate, and implement security best practice and greater security awareness.

REQUIRED EXPERIENCE, KNOWLEDGE, PERSONAL QUALITIES

Suitable for a hands-on Cloud Security Engineer with strong expertise managing & optimising Defender + Azure cloud security.

Threat modelling experience + a background extracting data to produce security metrics to improve vulnerability management is essential.

Ideal for someone keen to be involved in a significant cyber security uplift inside an organisation where you can have your voice heard, be able to influence decisions, and enjoy no unnecessary red tape or bureaucracy.

The following is required:

• Proven Cloud Security Engineering experience with Azure (incl Sentinel, Entra ID, Firewall, Key Vault).
• Strong experience with Microsoft Defender (Endpoint, Vulnerability Management, XDR, Office 365, Cloud Apps).
• Proven experience producing & analysing security metrics to improve Vulnerability Management.
• Competent Threat Modelling experience (e.g. STRIDE, MITRE ATT&CK)
• Demonstrate strong knowledge of cloud security concepts (network security, data protection, identity, cloud security architecture).
• Financial Services experience or a similar highly regulated industry.
• Able to confidently & clearly communicate thoughts / ideas / concepts and form relationships / collaborate with others.
• Enthusiastic to be part of a cyber uplift and able to take the initiative to deliver it.
• Able to work autonomously, manage your own priorities, be process driven, yet still able to think outside the box and problem solve.

This is a full-time permanent role (hybrid WFH available) and is offering $150,000 - $170,000 depending on experience.

Newcastle based candidates preferred - Sydney candidates welcomed to apply.

Australian Citizenship or Permanent Residency is required for this role and successful applicants will be contacted.