Information Security Engineeron-Site

Security Clearance Required for this role:

• Must have a current Negative Vetting 2 (NV2) security clearance
• Must be an Australian Citizen
• Mon to Fri - office hours

• Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
• Contributes to development of Information Security policy, standards and guidelines.
• Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems. Investigates major breaches of security, and recommends appropriate control improvements.
• Develops new architectures that mitigate the risks posed by new technologies and business practices.

Essential Technical Skills Required:

• Strong technical knowledge and hands on experience with core infrastructure technologies, such as (but not limited to) Active Directory, Windows Workstation and Server, networking, monitoring, cloud services
• Expert knowledge of Cyber Security Infrastructure technologies and best practices and understanding of current Cyber Security technology trends
• The ability to analyse event and systems logs, analyse malware and other incident response related data
• Knowledge of attack vectors, threat tactics and attacker techniques

QUALIFICATIONS AND EXPERIENCE:-

• One or more related certifications such as CISSP, CEH, CISA, CISM
• Diploma or degree in Computer Science or related field
• At least 3+ years’ hands on experience as a Security Engineer specialising in aspects of security infrastructure administration and configuration and/or network security
• Exposure and understanding of cyber security standards NIST Cyber Security Framework, ISO27001, PCI DSS, APRA CPS234
• Understanding of APRA Prudential Standards relating to cyber security
• Strong knowledge of application, infrastructure and networking technologies including best practice and related standards
• An understanding of security technologies used to detect, contain or prevent security incidents such as IDS/IPS, Endpoint Security, Firewalls, Content Inspection and SIEM
• Problem solving and analytics skills, with a high attention to detail