Address
Form of work * ASIC is seeking a full time Vulnerability Management Engineer to join their Information Technology Team
* Salary starting from $87,259 depending on experience (plus up to 15.4% superannuation)
* Permanent position based in Sydney
A future with ASIC means that your work will contribute to ASIC's vision for a fair, strong and efficient financial system for all Australians. We value what you will bring. We value those with sharp, analytical minds and are open to challenging the way things are done.
The team
Information Technology Services provides a wide range of IT facilities and support services to ASIC. We are embarking on major technology projects that will transform our business and continue our significant technology transformation in a number of areas such as virtualisation, mobility and cloud. We make use of the latest technology with an increasing focus on data sharing and analytics which will make ASIC a 'best in class' regulator supporting the Australian financial markets.
The role
* Assist the lead in the Vulnerability management function
* Perform the patching activities and applying security vulnerability remediation changes within data centre and/or a public cloud environment
* Reviewing security vulnerability reports and preparing plans to remediating issues
* Managing monthly Operating System and infrastructure patch cycles
* Responding to BAU Security and Patch Management incidents
* Provide both internal and customer centric security vulnerability reports, with possible remediation timelines
* Patching outside of core business hours will be necessary to accommodate certain types of software and infrastructure updates and to cater for customer maintenance windows. This could involve weekends or after-hours during the week
* This is a hands-on role requiring strong automation and coding skills
About you
* Relevant tertiary IT qualifications and certifications
* Passionate about technology, highly motivated to learn
* Understanding of Vulnerability Management frameworks, CVSS, CVE and MITRE ATT&CK
* Good analytical and problem-solving skills
* Experience with Puppet Enterprise
* Strong experience with managing puppet code in GIT Repos
* Experience patching software, Windows and Linux Operating systems
* Good understanding of core Cloud services from AWS and Azure
* Experience with Terraforms, CloudFormation, Windows PowerShell and Unix/Linux scripting
* Experience with writing comprehensive technical documentation and creation of dashboards
* Experience with Windows PowerShell and Unix/Linux scripting
* Experience using Vulnerability Management tools and technologies such as Rapid7 IVM, Qualys, Tenable, etc
About ASIC
ASIC's remit is one of the broadest of regulators across the world.
ASIC regulates corporations, markets, financial services and consumer credit and monitors and promotes market integrity and consumer protection in the Australian financial system.
Through our enforcement work, we hold to account those who contravene the law, working to achieve strong outcomes that address the greatest consumer and investor harms.
Through Moneysmart, we aim to improve the skills and knowledge of Australians and provide information and tools to help them in their decision making.
A future with ASIC means that your work will contribute to achieving ASIC's vision for a fair, strong, and efficient financial system for all Australians.
ASIC is committed to a providing a diverse and inclusive workplace where the very best talent in Australia chooses to work. Indigenous Australians are encouraged to apply as well as applicants from all backgrounds and with different abilities
To work with us, you need to be an Australian citizen, and be prepared to complete an ASIC Suitability and Baseline Assessment which is issued ASIC's Security team.
View the position description for more information or click ‘apply' to start your application.
Applications for this role will close at 11:59pm on Tuesday 12 March 2024
