Senior Security Engineer establishing and maintaining cybersecurity measures for a financial services company. Responsible for leading security event responses, documentation of policies, and training.
About the role
- Security Engineer responsible for designing and optimizing the security platform across on-prem and cloud environments. Collaborates with SOC and IT teams to strengthen security controls efficiently in Sydney, Australia.
Responsibilities
- Operate and fine-tune EDR, ensuring high visibility and timely response to detections.
- Investigate alerts, triage incidents, and coordinate remediation with IT and engineering teams.
- Develop and maintain detection rules, response playbooks, and operational dashboards.
- Run regular vulnerability scans across endpoints, servers, and cloud workloads.
- Prioritize findings based on exploitability and asset criticality.
- Work with system owners to track remediation progress and verify fixes.
- Review and improve AWS configurations using AWS tools or CNAPP / CSPM monitoring tools (e.g., Wiz, Orca)
- Support secure architecture and IaC practices (Terraform, CloudFormation) with dev teams.
- Automate checks and alerting for misconfigurations and policy violations.
- Support developers on secure coding practices and pipeline integration (e.g., Snyk).
- Review secrets management, API credential handling, and CI/CD pipeline security.
- Implement and maintain least privilege and MFA policies across systems.
- Assist with SSO/SCIM integrations (e.g., Entra ID, 1Password, Cloudflare Zero Trust).
- Work alongside IT Operations and Cloud teams to deploy, harden, and monitor security tools.
- Participate in incident response exercises, phishing simulations, and post-incident reviews.
- Contribute to process documentation and internal knowledge base (e.g., runbooks, playbooks).
Requirements
- **4–6 years of hands-on security experience**, ideally in endpoint protection, cloud security, or vulnerability management.
- Strong working knowledge of **AWS security services**, IAM, and network fundamentals.
- Practical experience with **EDR tools (CrowdStrike, Defender, etc.)** and vulnerability scanners (Qualys, Tenable, etc.).
- Solid understanding of incident response, detection engineering, and access control principles.
- Exposure to security frameworks (ISO 27001, SOC 2, NIST) is a plus, but not mandatory.
- Clear communicator who can explain security findings to both technical and non-technical teams.
Benefits
- Celebrate your tenure with us! Receive generous milestone anniversary gifts that grow with each year of service.
- Join a vibrant workplace culture with fantastic team-building activities, fostering camaraderie and collaboration among colleagues.
- Prioritize your well-being!
- Invest in your growth!
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Senior Corporate Security Investigator at Duke Energy conducting complex investigations in support of Ethics, HR, Legal, Nuclear, and Enterprise Security with field mobility.
AI Enterprise Security Architect focusing on AI Security architectural standards and integrating security measures into AI development lifecycle. Leading a global team in securing AI systems.
Cloud Security Engineer supporting and securing client environments across AWS and hybrid infrastructures. Collaborating with Cloud Operations to monitor, investigate, and remediate security events.
Account Cybersecurity Lead providing cybersecurity governance and oversight at Capgemini. Leading client relationships, security management systems, and risk compliance oversight.
Cybersecurity Risk Coordinator at Globo ensuring operational security across digital content. Analyzing risks and developing strategies to enhance business resilience.
Senior SAP Security Specialist managing SAP Security responsibilities and projects. Collaborating on security tools and conducting workshops in Hamburg.
Sales Account Manager for Cyber Security and Awareness role at HvS - Consulting GmbH. Providing holistic consulting on Cyber Security services and managing client relationships.
Security Engineer at PRC - Saltillo safeguarding IT infrastructure from cyber threats. Collaborating with IT teams to design and maintain security controls in a hybrid work environment.
Information Security Manager leading cyber security initiatives at NVISO, enhancing clients’ security posture and managing a team of consultants in Germany.