Cloud Security Engineer (Junior/Mid)
Melbourne (Hybrid)
Applications have closed
Zeller
Say goodbye to your outdated business bank. Sign up for your free Zeller Account to streamline business payments and manage your finances.Your responsibilities will include:
- Conduct penetration testing and vulnerability assessments on AWS-based systems, applications, and networks to identify security weaknesses and potential risks.
- Develop and execute comprehensive penetration testing plans, including scoping, reconnaissance, exploitation, and reporting.
- Collaborate with development and operations teams to address security vulnerabilities and recommend appropriate mitigation strategies.
- Design, implement, and maintain security controls for AWS services, including Identity and Access Management (IAM), Virtual Private Cloud (VPC), Security Groups, and Network Access Control Lists (NACLs).
- Monitor and analyze security logs and alerts from AWS services, such as CloudTrail, GuardDuty, and Config, and take appropriate actions to mitigate potential threats.
- Stay up-to-date with the latest AWS security threats, vulnerabilities, and best practices, and proactively implement necessary countermeasures.
- Conduct security reviews of AWS architecture designs, deployments, and configurations to ensure compliance with industry standards and regulatory requirements.
- Collaborate with cross-functional teams to establish incident response plans and participate in security incident investigations and resolution.
- Provide guidance and support to other teams regarding secure AWS development practices, security guidelines, and threat mitigation techniques.
- Document security processes, procedures, and guidelines, and contribute to the development of security policies and standards specific to AWS.
What we are looking for
- Proven experience as an AWS Security Engineer or related role with a focus on penetration testing in an AWS environment.
- In-depth knowledge of AWS services, architecture, and security best practices, including IAM, VPC, AWS Config, AWS CloudTrail, AWS WAF, etc.
- Hands-on experience with penetration testing tools and frameworks, such as Kali Linux, Burp Suite, Metasploit, and Nessus, specifically applied to AWS environments.
- Strong understanding of common web application vulnerabilities (e.g., OWASP Top 10), network protocols, and security technologies.
- Familiarity with security frameworks and standards, such as NIST Cybersecurity Framework, ISO 27001, and PCI DSS, as applied to AWS environments.
- Experience with scripting and automation using languages like Python, PowerShell, or Bash, with a focus on AWS CLI and SDKs.
- Strong analytical and problem-solving skills, with the ability to assess risks and recommend appropriate security controls.
- Excellent communication and collaboration skills, with the ability to work effectively across cross-functional teams and present complex security concepts to non-technical stakeholders.
- AWS Certified Solutions Architect - Associate or higher certification is a plus.
Bonus points
- Experience in working within a high-growth environment.
- Security professional certifications encouraged (AWS Advanced Sec Specialist, CISSP etc.)
- Experience in other cloud platforms (Azure, Google)
- Experience in payments
- Experience with PCI compliant environments (PCI-DSS, etc)
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Automation AWS Azure Banking Bash Burp Suite CISSP Cloud Compliance Full stack IAM Incident response ISO 27001 Kali Linux Metasploit Nessus NIST OWASP PCI DSS Pentesting PowerShell Python Scripting Vulnerabilities Vulnerability management
Perks/benefits: Career development Competitive pay Equity Parental leave Salary bonus Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs