Educational requirements: Bachelor
English requirements: Competent English
Requirements for skilled employment experience for years: 3-5 years
Required residence status: Temporary visa, Permanent resident, Citizen
Accept remote work: unacceptable
We are also happy to consider a software engineer who has been working with security and is looking to move sideways into security.
What you will be doing: Work closely with the broader Product and Engineering teams whilst providing them with security guidance and requirements for our new and existing products. Perform technical and non-technical security reviews on applications along with working with our product and engineering teams to implement remediation activities. Ensure appropriate security controls and processes. For example, making sure threat modelling and security testing are seamlessly embedded into the engineering development processes. Drive the continued education of engineers and product team to maintain a security aware culture. Work closely with internal and external stakeholders to scope, manage and remediate regular penetration testing assessments. Continually review and improve the security function by identifying possible enhancements, developing skills, identifying new techniques, and developing automation to mitigate security risks. Contribute to various security projects to assist the Head of Cyber Security in delivering the cyber security roadmap following timeframes and budget. What you’ll need to succeed: Ideally experience in security, preferably in application security or software engineering role. Technical skills including networking, software engineering, systems administration, penetration testing and vulnerability assessments. Experience in a cloud infrastructure environment – AWS or Azure, preferably with Azure PaaS experience. Basic coding proficiency in Python. Experience in highly automated DevOps environments and familiarity with toolsets including Git, Azure Pipelines, Docker, Kubernetes etc. Optional, but highly regarded: Experience in web application penetration testing. Experience in working with software developers to advise on security controls and requirements. Experience in vulnerability management or threat intelligence capabilities. Experience with common information security management frameworks, standards, principles, and processes (OWASP, CIS, SANS, ISO, NIST etc.) Relevant security certifications (CISSP, GIAC, Security+, CEH, OSCP etc.) Don’t let a confidence gap get in the way of submitting your application. We’d love to hear from you and see if this could be a great match.
