.
About the Department
The role of the Department of Education is to support Victorians to build prosperous, socially engaged, happy and healthy lives. It does this by supporting lifelong learning and healthy development, strengthening families and helping to equip people with the skills and knowledge for a 21st century economy and society.
About the Division
The Information Management and Technology Division (IMTD) provides secure, reliable and integrated technology platforms, systems and services that enable high-quality education for every child and young person in Victoria.
IMTD is responsible for supporting one of the largest technology environments in Victoria, servicing over 1,500 government schools, 50,000 teachers, and 650,000 students. The division drives digital transformation through agile delivery practices, enterprise cloud platforms, and a strong focus on user experience, security, and innovation.
The Information Security Services Branch plays a critical role in safeguarding the Department's digital environments. With a significant rise in cyber risks, our priority is to ensure the safety and privacy of staff and students through best-practice security policies, tools, and risk assessments.
About the Role
The Security Engineer is responsible for designing, developing and implementing security solutions that protect the Department's cloud and IT systems. The role supports secure service delivery across schools and corporate environments, embedding security controls into new technologies and transformation initiatives.
Working closely with internal teams and external vendors, the Security Engineer plays a key role in improving threat detection, prevention, and response. The position also supports audits, risk management activities, and compliance with industry standards and government requirements.
Attributes
The successful candidate will bring strong experience in cyber security engineering across complex ICT environments, with the ability to assess risks, apply technical solutions, and communicate security concepts to a range of stakeholders. Key capabilities include problem-solving, scripting, stakeholder engagement, and a commitment to continuous improvement in security practices.
Desirable Qualifications and Experience
Mandatory :
* Proven experience in security engineering and implementation
* Proficiency in scripting languages (e.g. PowerShell, Python, Power Automate)
* Proficiency in coding languages (e.g. NET, Java)
* Familiarity with standards such as ASD ISM, NIST, and ISO 27000
* Experience with Microsoft security and cloud services (Azure, Defender, Microsoft Information Protection)
* Strong communication and stakeholder engagement skills
Desirable :
* Qualifications in Cyber Security, Information Technology, or related fields
* Certifications such as CISSP, Azure Security Engineer, or CompTIA Security+
* Experience in public sector or education environments
* Familiarity with DevSecOps and CI/CD security integration
* Experience with SIEM/SOAR tools such as Microsoft Sentinel or Splunk