Job details

Location
Brisbane
Salary
Up to AU$130000 per annum + base
Job Type
Permanent
Ref
34350_1617683969
Contact
Chelsey Costello
Contact email
Email Chelsey
Contact phone
+61 2 8248 8084
Posted
17 days ago

Job details

Location
Brisbane
Salary
Up to AU$130000 per annum + base
Job Type
Permanent
Ref
34350_1617683969
Contact
Chelsey Costello
Contact email
Email Chelsey
Contact phone
+61 2 8248 8084
Posted
17 days ago

Talenza have partnered with a tech start up with offices in Burleigh Heads to find a DevSecOps Engineer.

This orgnisation are rapidly growing company, not just in size but in processes. They are looking for flexible, progressive and open-minded people who can get onboard with their vision and grow with them.

You will be the face of security for this growing business. Your role will have a huge focus on polcy and audit and you will be tasked to prepare them for a SOC2 audit but also working collaboratively with developers on keeping application security front and center while they are coding. They are an AWS shop.They expect polish, a deep knowledge and passion across a variety of security interests, and a drive to effectively communicate with executives, partners and your internal customers.

The Responsibilities

  • Work closely with our internal compliance / legal team and be the primary engineering contact related to all things security.
  • Responsible for maintaining Information Security policy and any related documentation.
  • Own and manage our security vulnerability monitoring and intrusion detection systems. Ensure we are proactively fixing issues raised. Manage the interactions with the auditors to meet SOC and any other security related requirements.
  • Develop internal tooling for automatic deployment.
  • Operate and manage security related infrastructures, EDR, AV, WAF, vulnerability scanners, and CSPM.
  • Participant in development, test and maintain disaster recovery solutions and exercises.
  • Architect and implement solutions necessary to address security audits and compliance efforts. Knowledge of SOC2 and ISO27001 and PCI a plus.
  • Work with external security testing vendors to coordinate pen testing of our platform and network. Coordinate any necessary fixes with the development team.
  • Work closely with the engineering teams to ensure we are considering security when architecting and building new systems. Ensure that security solutions are architectured with developer velocity and efficiency in mind. Identify and develop tools to aid this process.
  • Support the organizations Third-Party Risk Management program

The Requirements

  • Bachelor degree in Computer Science or another technical field
  • Experience conducting or taking part in Information Security audits (SOC2, ISO)
  • Working knowledge of IT security & Governance Risk Compliance standards (NIST CSF, ISO 27k1, COSO, etc.)
  • Experience securing Cloud infrastructure (AWS, Azure, GCP)
  • Good understanding of programming, code analysis, debugging. (node.js, golang, python, bash etc)
  • Knowledge of industry security standards, associated controls, and audit requirements for compliance
  • The familiarity of data privacy laws such as CCPA and related data security requirements.
  • Experience developing and implementing an Information Security risk program, methodologies, and tools
  • Ability to work effectively in teams of technical and non-technical individuals, including peers in non-technical departments
  • Experience working in the financial services / FinTech Industry is a plus
  • Ability to work independently with minimal supervision and collaboratively in a team environment
  • (Optional) Any Security certifications such as AWS Certified Security Specialty, CISSP, CISA, Security+ would be beneficial.