Cybersecurity Engineer specializing in email security and collaboration security within the CyberSecurity Engineering team. Crucial role in protecting against email - based threats and enhancing security capabilities.
About the role
- Security Engineer responsible for designing and optimizing the security platform across on-prem and cloud environments. Collaborates with SOC and IT teams to strengthen security controls efficiently in Sydney, Australia.
Responsibilities
- Operate and fine-tune EDR, ensuring high visibility and timely response to detections.
- Investigate alerts, triage incidents, and coordinate remediation with IT and engineering teams.
- Develop and maintain detection rules, response playbooks, and operational dashboards.
- Run regular vulnerability scans across endpoints, servers, and cloud workloads.
- Prioritize findings based on exploitability and asset criticality.
- Work with system owners to track remediation progress and verify fixes.
- Review and improve AWS configurations using AWS tools or CNAPP / CSPM monitoring tools (e.g., Wiz, Orca)
- Support secure architecture and IaC practices (Terraform, CloudFormation) with dev teams.
- Automate checks and alerting for misconfigurations and policy violations.
- Support developers on secure coding practices and pipeline integration (e.g., Snyk).
- Review secrets management, API credential handling, and CI/CD pipeline security.
- Implement and maintain least privilege and MFA policies across systems.
- Assist with SSO/SCIM integrations (e.g., Entra ID, 1Password, Cloudflare Zero Trust).
- Work alongside IT Operations and Cloud teams to deploy, harden, and monitor security tools.
- Participate in incident response exercises, phishing simulations, and post-incident reviews.
- Contribute to process documentation and internal knowledge base (e.g., runbooks, playbooks).
Requirements
- **4–6 years of hands-on security experience**, ideally in endpoint protection, cloud security, or vulnerability management.
- Strong working knowledge of **AWS security services**, IAM, and network fundamentals.
- Practical experience with **EDR tools (CrowdStrike, Defender, etc.)** and vulnerability scanners (Qualys, Tenable, etc.).
- Solid understanding of incident response, detection engineering, and access control principles.
- Exposure to security frameworks (ISO 27001, SOC 2, NIST) is a plus, but not mandatory.
- Clear communicator who can explain security findings to both technical and non-technical teams.
Benefits
- Celebrate your tenure with us! Receive generous milestone anniversary gifts that grow with each year of service.
- Join a vibrant workplace culture with fantastic team-building activities, fostering camaraderie and collaboration among colleagues.
- Prioritize your well-being!
- Invest in your growth!
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Senior Security Engineer at January, enhancing security for consumer finance. Architecting systems to protect sensitive data and drive security - first culture.
Founding ML Scientist at VC - backed AI security platform. Defining AI security for critical environments like banks and hospitals.
Head of Physical Security leading security practices across Babcock. Ensuring protection of infrastructure and national security while managing complex projects and stakeholder relationships.
Security Officer providing safety and security for patients and visitors at healthcare facilities. Responding to emergencies, patrolling, and monitoring security protocols across multiple locations.
Director of Data Security and Governance leading comprehensive data protection program. Responsible for implementing data governance framework, classification program, and managing data security policies.
Quality and Patient Safety Specialist supporting implementation and monitoring in a healthcare network. Engaging in quality processes and ensuring patient safety across hospitals.
Expert security professional leading incident response and security platform administration. Collaborating with stakeholders to enhance information security programs at Pluralsight.
Technical Lead - Cybersecurity responsible for securing systems against threats at Birlasoft. Developing incident response strategies and collaborating with teams to enhance security.
Technical Specialist - Cybersecurity role in India emphasizing hands - on expertise with security tools and incident response capabilities. Responsibilities include automation scripting and workflow integration.