- $200000 per annum
- Job Type
- about 1 year ago
- One of Australia’s largest financial service firms
- Drive security initiatives across the Digital domain
- Influence critical company policy
Our client is one Australia’s largest financial service firms, with multiple business units across multiple geographic regions. They are currently implementing a large security uplift program as part of a long term strategy and have created the Principal Security Engineer position as part of the ongoing transformation.
The major focus of this position is to help drive security initiatives across the Digital technology domain, helping to develop and deploy DevSecOps practices within the Development teams.
In addition, this role will help to identify security improvements, and influence group security policies with Digital channels, platforms and applications in mind.
This position requires an individual with the ability to write, read and review code (a scripting language and/or Java) and help to advise on the best security practices during the development cycle.
My client takes security seriously and is seeking to achieve high levels of protection for customers, not just security “compliance”.
- Influence and communicate security strategy and operational roadmaps
- Identify and lead activities to reduce security related business risk
- Continually act to improve overall business security posture
- Keep abreast of security market trends and move proactively to assess business impacts
- Work closely with peers in Digital technology to define security uplift strategy and roadmap
- Help to create and deliver enterprise scalable security automation tools and services
- Work as an SME to consult on security matter with individuals and business units
- Help to optimise and document DevSecOps processes
- Design control solutions for emerging security threats and risks
- Manage documentation & action plans related to security risks
- Help to manage and influence multiple stakeholders across large programs of work
- Current certifications such as OSCP, CEH or CSSLP highly desirable
- Deep knowledge of Web and Mobile application security
- Tertiary qualification in IT or equivalent industry experience
- Ability to code in scripting languages and/or Java
- Strong knowledge of CI/CD and DevSecOps practices
- Excellent communication and stakeholder engagement skills
- Ability to blend business and technical concepts and communicate both effectively
Our client will offer a very competitive package commensurate with experience.
To apply for this position, please click the 'Apply Now' button below. For a confidential discussion, please contact Stuart van Heerden on 03 8547 1333.