Information Security Engineer AU/NZ

Equifax is searching for a Security Engineer to implement security solutions independently to protect Equifax digital assets. Execute and define processes to operationalize security capabilities enterprise wide. Work with decision makers in other departments to define security protocols and to secure technology systems. Define operation procedures which can be followed by the operators of security tools. Identify improvement opportunities in managing security architecture, design, policies and controls. Ensure that all security policies are followed and that information and systems are secure. Equifax has flexible and hybrid working arrangements.

What you’ll do

• Engage in and improve the software development lifecycle – from inception and design, through development, deployment, operation and refinement

• Execute and define security operation procedures for security tools including penetration test pipeline management, DAST, SAST and API testing

• Work with decision makers in other departments to define security protocols and to secure technology systems, including support for ANZ’s Transformation and Security Engineering improvements

• Practice sustainable incident response as part of an on-call rotation. Work with Incident Response and Crisis Management teams to effectively manage incidents to an acceptable resolution, and assist with investigations as needed

• Ensure that all security policies are followed and that information and systems are secure

• Support A/NZ Information Security to deliver its strategy and commitments to clients/customers as required

• Proactively review security posture and control compliance coverage and act accordingly

What experience you need 
 

• Bachelor’s degree in Computer Science or related technical field, or an equivalent combination of education and experience required

• 5+ years of experience in Technology or related industries, 3+ years working in Security roles

• Demonstrable ability to work collaboratively within a team as well as independently and autonomously, and engage stakeholders as required, to own and carry on end-to-end projects and initiatives

• Demonstrable strong ability to build and maintain trusting relationships with internal and external customers and always demonstrate good judgment, integrity and actively collaborates and commits to the success of others

• Demonstrable cross-functional knowledge with systems, storage, networking, security and databases

What could set you apart

• Experience in public cloud technologies such as GCP and AWS

• Experience managing vulnerabilities, penetration testing programs and associated remediation actions

• Experience in Incident Response

• Experience with continuous integration and continuous delivery (CI/CD) tooling and practices

• Experience with logging and SIEM solutions

• Understanding of software source code and programming languages such as Python, Bash, PowerShell, Java, .NET

• Experience in developing and validation of pen test cases 

Primary Location:

AUS-Melbourne

Function:

Function - Security Governance and Compliance

Schedule:

Full time