Cloud Security Engineer

The Information Technology (IT) team plays a key role in providing business enablement throughout ResMed. We are focused on application, infrastructure, and user productivity solutions, with innovation, efficiency and security. Our goal is providing customer oriented agile delivery, effective business partnership and state-of-the-art technology solutions.

This role is a global role that is a part of the Global IT Security department. The primary role is to help assure the integrity and security of all ResMed information and global computing infrastructure. This role will work closely with the IT Security team, IT leadership and staff, business and support divisions, executive team members, and key stakeholders to ensure the alignment of business goals and strategy with security initiatives. S/he will focus on third-party risk management, security assessments, and IT security risk management for our diverse range of global projects. S/he will have to globally manage across multiple cultures and time zones.

Let’s talk about Responsibilities

• Support IT Security groups, global projects, and other initiatives to determine security and data risks, identify compensating controls, and fill the appropriate security role.
• Conduct comprehensive assessments of third-party security risks and ensure compliance with established security standards.
• Collaborate with global project teams to assess and mitigate risks associated with third-party engagements.
• Perform IT Security Risk Assessments on internal and external Information Systems and provide expertise in evaluating and enhancing security controls across various projects.
• Work directly with development teams to ensure that solutions meet security requirements, identify security risks, ensuring timely and effective mitigation measures.
• Proficiency in cloud infrastructure, encompassing IaaS, PaaS, and SaaS, is essential along with cloud technologies including Elastic Compute, Storage, Containers, Serverless computing, Kubernetes, DevSecOps, and more.
• Hands-on experience is required in managing services for any one of the known cloud vendors (AWS, Azure, etc.)
• Strong working knowledge of managing security infrastructure — e.g., Firewalls, Intrusion Prevention Systems, Web Application Firewalls, Endpoint Protection, SIEM, and Log Management.
• Minimum three years of work experience with proven experience building security reference architecture for all-in cloud deployments and hybrid scenarios.

Let’s talk about Qualifications and Experience

Required:

• Bachelor’s degree in IT or related field.
• You must have cloud security experience.
• 3-7 years of working experience supporting Information Technology and Security
• Working knowledge of ISO27001(mandatory), SOC-2, HIPAA, GDPR, or NIST
• Experience in performing InfoSec assessments and IT Security Risk Management
• Strong knowledge of security controls management and technologies including firewalls, WAF, VPNs, DLP, PAM, SIEM, and Endpoint Protection
• Exposure and knowledge of cloud environment (AWS, Azure), SaaS security, DevSecOps, and SSDLC.

Preferred:

• Security certifications such as ISO27001 LA, CISA, CISM, CISSP, or equivalent would be a plus.
• Experience within the manufacturing and/or healthcare industries.

Joining us is more than saying “yes” to making the world a healthier place. It’s discovering a career that’s challenging, supportive and inspiring. Where a culture driven by excellence helps you not only meet your goals, but also create new ones. We focus on creating a diverse and inclusive culture, encouraging individual expression in the workplace and thrive on the innovative ideas this generates. If this sounds like the workplace for you, apply now! We commit to respond to every applicant.