- New South Wales
- Competitive Salary
- Job Type
- Full Time
- Kiri Evans
- 8 days ago
Not only were they named number 2 in LinkedIn's list of top startups for attracting talent, they were also voted by the Australian Financial Review as one of Australia's most innovative tech startups.
There are few opportunities in your career to join a high-growth startup. This is one of them. Our client has an amazing team, a great brand, global clients, and they're just getting started. They are small enough that everyone matters, and your work will have a direct impact on their next stage of growth by enabling strategic deals with large, security-conscious organizations.
They are looking for an articulate, collaborative, and self-motivated person who is keen to take the next step in their career. The ideal candidate will be able to apply their in-depth knowledge of information security management best-practices to secure our clients' systems and processes, and guide them towards internationally-recognised security certifications. This will largely involve defining and implementing security policies and procedures and educating internal and external stakeholders to drive compliance across the business.
- Define, disseminate, and enforce Information Security policies, standards, and procedures
- Design, develop, and implement effective security controls for systems, services and accounts
- Increase security awareness across the company through communication and training
- Proactively identify operational security risks, providing guidance for mitigation activities
- Manage security and access requests in an auditable manner, with regular access reviews
- Oversee security incident response, including necessary protective or corrective measures
- Coordinate external penetration testing activities, and assessment of remediation requirements
- Perform internal vulnerability testing, coordinating remediation tasks with engineering team
- Collaborate with Site Reliability Engineers to develop and validate Disaster Recovery plans
- Maintain and promote awareness of emerging security threats and vulnerabilities
- Engage with external auditors to demonstrate compliance with our Information Security Program
- Experience in a similar role or related discipline (systems or network administration, operations, risk management, security engineering, etc.)
- Knowledge of security controls associated with firewalls, email, web, endpoints, operating systems (Windows, MacOS, and Linux), intrusion detection/prevention, and networks
- Demonstrable experience with information security management and compliance frameworks such as EU GDPR, ISO 27001, SOC2, PCI DSS, or HIPAA
- Ability to communicate security concepts and threats to technical and non-technical audiences, across all levels of the organisation
- Keen lateral and critical thinking skills, to identify and prioritize risks and their mitigations
- Good understanding of public cloud platforms and technologies, such as AWS and Kubernetes
- Experience implementing policies, procedures, and controls from the ground-up, to achieve industry-recognised information security certification
- Security accreditations (CISM, CISSP, GSEC, CompTIA Security+, etc.) are highly regarded
- Passion for automating repetitive tasks through scripting (e.g. Python, Bash, PowerShell, etc.)
Our client is an equal opportunity employer and values diversity at their company. No matter where you are from or what you believe in, they simply ask that you are committed to your role, your colleagues and your work.
They have a flexible working environment, including the ability to work from home and remotely. They give their team opportunities to attend conferences and undertake further training and personal development.
Our client believes in sustainable pace and that the best results come from teams that are happy, motivated and have a great work-life balance. They work hard, but also have great times together.
To start this exciting journey, please submit your CV and apply online.