Security (Information & Communication Technology) Full time x-RD is a fast-growing Australian technology business with offices in Canberra and Melbourne. We have a passion for making a difference through the ethical and innovative application of advanced software, engineering, experimentation, science and technology.
At x-RD, the team enjoys working on challenging problems with leaders in their field and leveraging multi-disciplinary backgrounds to develop creative, novel and state-of-the-art solutions, all while having fun.
x-RD is proud to be an inclusive and equal opportunity organisation. We embrace it, value it, celebrate it and support it for the benefit of our employees, our customers and our community. Our team is provided with an environment to excel, with professional development opportunities and the flexibility and support to develop new ideas, services or products. Team members are encouraged and supported to shape the future of x-RD.
We wouldn't be who we are without the team that we have, so we provide generous employment conditions, family-friendly policies and flexible work arrangements to enable our staff to maintain a good work-life balance, along with some unique opportunities for the innovators amongst us.
We are currently expanding and looking for motivated self-starters with a drive to learn and challenge themselves - could that be you?
About the RoleAs a Senior Security Engineer with us, you will help grow and mentor x-RD's cyber security technical capabilities. You will play a vital role in the design, implementation, and maintenance of security measures to protect sensitive information and ensure the confidentiality, integrity, and availability of infrastructure, software, platforms, systems and data.
What you'll doPerform threat modeling to identify applicable threats, and determine responses to those threats.Plan, design, implement, and maintain current and future cyber security capabilities and controls for cloud, network, systems, and applications as exemplars of effective and secure system design in a high-security environment.Successfully integrate with DevOps teams to lead security architecture, secure practices, and vulnerability management.Apply DevOps methodology, Infrastructure-as-Code (IaC), and automation in the secure development (including DevSecOps), maintenance, and operation of systems.Ensure all technology environments align with industry standards and regulations, including the Information Security Manual (ISM) and ASD Essential 8.Enhance Azure security controls and other Microsoft cloud security tools to continuously monitor and assess the security posture of Microsoft 365 and Azure environments.Assist with continuous monitoring of infrastructure, platforms, and systems for security vulnerabilities, and identification of effective defences and mitigating controls.Lead and coordinate swift responses to security incidents across both on-premises and cloud platforms.Collaborate with key stakeholders to identify and address cyber security capability gaps.Provide subject matter expertise to internal teams and external clients, fostering a culture of security awareness and best practices.What we are looking forMinimum of 5 years of relevant industry experience in security domains.Tertiary qualifications in computer science, IT, or cyber security.Professional certifications such as CISM, CISSP, GPEN, OSCP, or equivalent.Experience in implementing security principles, technologies, and relevant standards, including Information Security Manual (ISM) controls, ASD Essential Eight, and hardening of Microsoft cloud Compliance, Identity & Management, and Security services.Experience in hardening, configuration of services, network devices and appliances including Next-Generation Firewalls, IPS/IDS, DLP, and endpoint security solutions.Experience performing threat modeling to identify applicable threats, and determining responses to those threats.Experience using DevOps methodologies, IaC (e.g. Terraform, Microsoft365DSC), and automation in the secure development, maintenance, and operation of systems.Experience applying security enforcement within CI/CD pipelines, inclusive of automation/orchestration.Hands-on experience with vulnerability assessment and penetration testing tools and methodologies.Experience with configuration and management of SIEMs including Sentinel and Splunk are desirable.Due to the nature of our business, applicants must be an Australian Citizen and hold and be able to maintain an Australian Government Security Clearance of NV1 or above.Skills that will be helpfulAdvanced solution design and security architecture experience in building complex systems in both on-premise and cloud-based technologies, including system design and related security documentation.Strong communication, collaboration and stakeholder engagement skills with technical and non-technical customers in commercial, government, and academic business lines, and ability to build effective business relationships.Expertise in providing specialist security advice throughout all stages of a capability's lifecycle.Proven ability to solve complex technical and operational problems.Why you'll love working hereFlexible work optionsEmployee Assistance Program (EAP)Additional technology allowancesRelocation assistanceBusiness travel opportunitiesAustralian Defence Force (ADF) experience is desirable and Veterans are encouraged to apply.
#J-18808-Ljbffr