bannerImg

Cyber Security Engineer

Sydney and Melbourne - Permanent Contract - 5+ years experience

Job Description :

The Cyber Security Engineer provides system security designs and solutions and creates the information security foundation for service solutions, processes and innovative ideas.  This role will deliver information security expertise over a wide range of business solutions that will be delivered through direct participation on project and consultative services to the lines of business. This role will also plan, design and manage enterprise information security initiatives in support of the core security functions of the company. Develops and maintains information security standards and processes, and applies in-depth knowledge of functional aspects of information systems security and compliance. 

Responsibilities: 

STANDARDS & ARCHITECTURE

Research, develop, continuously improve and implement security policies, procedures, standards and processes based on compliance requirements and industry best practices. Enforce information security policies and procedures by reviewing security violation reports, investigating possible security exceptions and documenting security controls. Determine technology and process requirements to implement security strategies. Publish and communicate enterprise security technology standards to assure architectural consistency in security technologies needed to protect the enterprise. Works closely with business stakeholders as a subject matter expert in applications and infrastructure security; providing security architecture consulting services for projects and key enterprise initiatives.       

THREAT & VULNERABILITY MANAGEMENT

Serve as an escalation point to research security testing and evaluation results. Research and report on current threats to the company’s environment. Publish and communicate enterprise security technology configuration baselines and standards to ensure architectural consistency in security technologies. Maintains up-to-date knowledge and awareness of industry trends related to Information Security and assess its impact on company operations.  

APPPLICATION SECURITY & TESTING

Work closely with application development to assess the security posture of applications as a component of the Secure Development Life Cycle.            

CHANGE MANAGEMENT

Participate as a key member of the Change Management Board to ensure changes to the environment do not adversely impact the security posture or increase risk. 

IMPLEMENTATION & INTEGRATION

Conduct technical security risk assessments against industry best practices and benchmarks to determine weaknesses and vulnerabilities. Recommend, implement and integrate information security technologies to mitigate identified risks. 

INCIDENT MANAGEMENT

Participate as a member of the company’s Incident Response Team. Assist Security Analysts in the identification, isolation, remediation and investigations of security incidents. 

 

Knowledge, Skills and Abilities: 

  • Demonstrated ability to be a respected information security advisor to senior management, as well as to operations, operating groups, technical staff, and project management, and the skills to interface across several channels to proactively assist in defining solutions, direction, specifications and architectural principals.
  • In-depth, up-to-date and broad knowledge of the Information Technology Security field is required, including all major communications and computing technologies and trends
  • Excellent interpersonal, oral/presentation and written communications skills.
  • Conceptual and analytical thinker; able to understand, analyze, and synthesize complex business and technology issues and strategies.
  • Team builder/player able to work effectively with others.
  • Strong judgment and decision making skills; be self-motivated with the ability to work independently and in teams with minimal direction but willingness to seek advice/assistance.

 Minimum Requirements: 

  • Bachelor’s Degree in Computer Science, Information Assurance, Technology or a related field, and 5+ years experience in Information Security, or
  • 10+  years experience in Information Security or related technical field
  • 5+ years experience in vulnerability and threat managemen to 4 years experience developing, testing and deploying secure information system solutions
  • Advanced Industry Professional Certifications
  • ISC^2 – Certified Information Systems Security Professional (CISSP)
  • ISACA – Certified Risk and Information Systems Controls (CRISC)
  • SANS – GIAC Security Expert (GSE)      

You feel like joining the adventure and becoming one of our pioneers?

If you have the right skills and looking for challenging opportunity then you can send your resume to cpuybasset@astekgroup.com.au or apply trough this page.

Apply Now