Cloud Security Engineer

Company Description

Welcome to This Australian Life. 

From the millions of Australians we protect, to those that make it happen every day at TAL, people really are what we’re all about. We want to grow with you. Achieve with you. And support you to do your best work. That's why we're focused on developing leadership, promoting diversity, rewarding excellence and retaining great talent.

We're always looking for people who want to go further with us. People who do what’s right, aim high, and work smart.  Why not see where we can go?

Job Description

The Cloud Security Engineer requires relevant experience in Cloud Security, especially in Azure, as a key member of the Cyber Security Architecture and Cloud Security team supporting Cloud Security operations within the Cloud Engineering team. The role will be
responsible for working with the Cloud Engineering team and liaising with stakeholders across the technology and business, and implementing security controls across the cloud environments in a timely manner. The role will be enforcing the security best practices in
Azure Cloud environment, including but not limited to the Azure policy and deployment, Azure Kubernetes Services, App Service Environments, IaaS and PaaS ensuring the continuous improvement of the cloud security posture.

In addition, this role will support the Senior Manager - Cyber Security Architecture and Cloud Security in evaluating the cyber security solutions required to strengthen the TAL’s security posture. This role will work closely with the Platform/Solution Architects, Business
Analysts, Development Managers, Project Managers, Procurement Specialists, Vendors, and Service Providers. This role will be involved in supporting the business to satisfy their responsibilities in complying with TAL Cyber guardrails, standards, risk frameworks and
processes.
 

Key Accountabilities:

• Work closely with other TAL personnel such as Cyber Security architects, Cyber Security Engineers, Cloud Engineers and DevOps to
• ensure appropriate controls are in place and monitored to improve the security posture of our cloud environment.
• Determine security requirements in alignment with the industry leading practices (such as, CIS), and facilitate the implementation of
• those requirements to tighten the security stack for Cloud services.
• Follow existing processes to enforce the security application development lifecycle and balance requirements of agility and security which may include the following:

1. Assess, document and communicate cloud security risks in context with business operations.
2. Adherence to the cloud security standards and processes to meet the requirements and SLAs.
3. Assist in the development, implementation and maintenance of relevant security operating procedures as needed.
4. Implement and maintain metrics to ensure that the performance, and compliance to TAL security requirements are measured and reported.
5. Identify and communicate security non-compliances and vulnerabilities that could impact business operations.

• Develop strong knowledge of the business, its policies, practices and procedures and demonstrate how to correctly apply these.
• Monitor the security posture of TAL Cloud environment and produce high quality periodic reports detailing the security issues in Cloud
• with pragmatic recommendations and mitigating actions, where recommendations are not immediately applicable.
• Establish strong relationships with both internal and external partners, and communicate positively and openly with colleagues, customers and partners.
• Collaborate with all relevant cyber functions to assist with any queries from other TAL teams when required.
• Ensure any required training and development is undertaken in a timely manner.
• Keep up to date with the latest industry trends in cyber security including what technologies and controls may be the best fit for certain solution requirements with an emphasis on security.

Qualifications

• A relevant tertiary qualification, preferably a Degree in Computer Science, Information Technology or equivalent.
• At least 2+ years of demonstrated experience in Azure Cloud and associated technologies including but not limited Microsoft Defender for Cloud, Azure Policies and Compliance frameworks, Front Door, WAF, Firewalls, Azure Active Directory with another 5+ years of experience in any other Cyber security related areas.
• Relevant industry certifications such as AZ-500
• Experience in writing and deploying Infrastructure as Code (IaC), preferably experience in Terraform.
• Knowledge and experience in web application security including the ability to interpret associated security risks and vulnerabilities such as OWASP Top10
• Knowledge of Windows/Linux, web technologies (focusing on Internet security) and cloud security practices
• Fundamental knowledge of microservice architecture (Docker, Kubernetes)
• Knowledge of industry leading information security solutions including but not limited to: Qualys, CrowdStrike, Okta, Active Directory,
• SailPoint, CyberArk, Microsoft Sentinel, Checkmarx, Snyk, etc.
• Knowledge of regulatory and industry standards and frameworks, APRA CPS234, ASD8, CIS 20, NIST CSF and MITRE Attack.
• Ability to deal with ambiguity and work independently with limited direction in a fast-paced environment.
• High level conceptual, analytical, and problem-solving skills, and the ability to develop creative and innovative solutions to difficult and complex problems
• Passionate about security, with an intention to always excel and self-driven to develop technical and professional skills.
• Strong written and verbal communication skills as well well-developed interpersonal skills.

Additional Information

At TAL we value diversity in all its forms and are committed to fostering an inclusive and equitable culture for all our people. We encourage Aboriginal and Torres Strait Islander people, individuals from all backgrounds, including those with caring responsibilities, people living with disability, and individuals from the CALD and LGBTQI+ communities to apply. Even if you don’t check every box in the criteria above, we encourage you to apply today or get in touch with us here.   

To provide you with the best experience, we can accommodate you at any stage of the recruitment process. Simply inform our Recruitment team at any time.  

TAL is recognised by the Workplace Gender Equality Agency as an Employer of Choice.  We are proud to be a member of Diversity Council Australia and the Australian Network on Disability. For information on our reconciliation journey, take a look at our Innovate Reconciliation Action Plan.  

We acknowledge the Traditional Custodians of the Land in which our Head Office is based, the land of the Gadigal people of the Eora Nation, and recognise their deep connections to the land, sea, and culture.  
We extend this acknowledgment to the many Traditional Lands that we operate across and pay our respects to Elders past, present, and emerging.

Everyone at TAL has a responsibility to do the right thing and is accountable for the way they conduct themselves. Our expectations are that you follow the principles set out in our Code of Conduct when you come to work every day. Risk management is everyone’s responsibility.

If you are already a TAL employee please apply via the SmartRecruiters button in Workday and navigate to the Employee Portal. This is important to ensure that your application is recorded accurately.