Senior Cyber Security Engineer

Company Description

Welcome to This Australian Life. 

From the millions of Australians we protect, to those that make it happen every day at TAL, people really are what we’re all about. We want to grow with you. Achieve with you. And support you to do your best work. That's why we're focused on developing leadership, promoting diversity, rewarding excellence and retaining great talent.

We're always looking for people who want to go further with us. People who do what’s right, aim high, and work smart.  Why not see where we can go?

Job Description

• Support in developing and executing the Cyber Security Engineering Roadmap.
• Lead the design and implementation of new security solutions to better protect the organisation.
• Liaise with the technology partners and service providers on security engineering activities.
• Diagnose the issues and problems in the security technologies and use technical expertise to develop options, and solutions to those problems, and contribute to remediation activities.
• Perform security configuration reviews and health checks of security technologies and work with the Cyber Threat Management team in lifting the posture. 
• Support the Cyber Threat Management team with the threat detection, playbook automation, incident response, table-top test exercises, threat hunting, threat intelligence and audit activities.
• Work with the Security Architecture team to support with the secure development of enterprise business solutions. 
• Conduct proactive research to analyse security weaknesses and recommend appropriate mitigation strategies 
• Provide technical recommendations during cyber security incidents and lead corresponding containment and remediation activities. 
• Identify current and emerging technology issues including security trends, vulnerabilities and threats.
• Lead and represent all the cyber security changes relating to the security technologies in accordance with the Change Management Standard.
• Understanding complex technical issues and managing them within a fast-paced business environment. 
• Maintain ownership of the complete solution from requirement gathering with customer and qualification through mid to high-level design and implementation of the solutions.
• Contribute to training and mentoring junior members within the Cyber Security Engineering team.
• Prepare and present technical reports, analyses and documents, and own the security engineering reports.
• Support with the risk mitigation and remediation activities, and assist with the governance, risk and compliance initiatives.
• Ensure any required training and development is undertaken in a timely manner.
• Build collaborative partnerships with team members, other colleagues and external contacts (as and when required). 
• Communicate positively and openly with colleagues, customers and partners, and informs with timeliness whilst setting context. 
•  Develop strong knowledge of the business, its policies, practices and procedures and knows how to correctly apply these.  

Qualifications

Mandatory: 

• 5+ years of experience in cyber security operations role with demonstrated experience in security concepts, MITRE ATT&CK framework, and security technologies
• Undertaking tasks requiring a high level of technical analysis, diagnosis and problem solving
• Mandatory experience with Qualys and Azure Sentinel, whilst experience with ProofPoint, ZScaler, CrowdStrike, Sailpoint, Okta, CyberArk, Akamai, F5, Service Now are preferred.
• Hands-on experience with most of the following security technologies, SIEM, Endpoint Protection (EPP), Endpoint Detection (EDR), Endpoint Proxy, Enterprise Email Security, SOAR, NIPS, Vulnerability Management, WAF, DLP Policy management etc. 
• Experience in hardening various operating systems (Windows 2019, Windows 10, RHEL), networking/firewall concepts, and a certification in "ethical hacking" preferred.
• Experience with PKI/Certificate services and Certificate troubleshooting
• Security certifications, such as, GCIA, GCIH, GMON, GCFA, OSCP.
• Experience in Microsoft Azure cloud (PaaS and IaaS) is preferred with at least fundamentals cloud certification and working knowledge of DevSecOps.
• Structured query language experience is a must and KQL is preferrable. Similarly, software scripting knowledge is a must and Python is preferrable.

Ideally the candidate would have Ansible and VSCode experience and have a passion for cyber security as well as a healthy sense of humour.

A relevant tertiary qualification and a well-rounded background with experience across community and/or extra-curricular activities would be advantageous.

Additional Information

Work is a big part of this Australian life, and we work hard to make it one of the best parts. We don’t just say it; we do it.  We offer a workplace that’s inclusive and flexible, supporting our people with options that let them make the most of their careers.

We know the value of having different people from all walks of life, with varied points of view and attributes regardless of their age, ethnicity, religion, sexual orientation, gender identity, intersex status or any disabilities they might be living with. We strive for a diverse and inclusive workplace where a sense of belonging encourages people to bring their full selves to work.

#LI-Hybrid

Everyone at TAL has a responsibility to do the right thing and is accountable for the way they conduct themselves. Our expectations are that you follow the principles set out in our Code of Conduct when you come to work every day. Risk management is everyone’s responsibility.

If you are already a TAL employee please apply via the SmartRecruiters button in Workday and navigate to the Employee Portal. This is important to ensure that your application is recorded accurately.