We are seeking a Cyber Security Engineer (DevSecOps) to embed security across cloud, applications, and CI/CD pipelines.
This role focuses on shifting security left by integrating automated security testing, secure coding practices, Infrastructure as Code (IaC), and cloud security controls across Azure and AWS environments.
You’ll work closely with engineering and infrastructure teams to improve security posture, reduce risk, and ensure secure delivery of applications and cloud services.
Key Responsibilities
* Integrate security into CI/CD pipelines (SAST, DAST, dependency & secrets scanning)
* Conduct vulnerability assessments and support remediation and penetration testing
* Implement secure coding practices and conduct code reviews
* Develop and enforce Infrastructure as Code (Terraform) security standards
* Secure cloud environments (Azure/AWS) and landing zones
* Manage encryption, TLS/SSL certificates, and secrets lifecycle
* Define API security standards (OAuth, authentication, tokens)
* Monitor and remediate cloud misconfigurations and vulnerabilities
* Support SIEM monitoring, incident response, and forensic analysis
* Maintain security policies and compliance requirements
About You
* 3+ years’ Cyber Security, DevSecOps, or Cloud Security experience
* Strong experience with CI/CD security tooling and automation
* Hands‑on Azure and/or AWS cloud experience
* Strong knowledge of Terraform / Infrastructure as Code
* Understanding of networking, APIs, and cryptography
* Experience with vulnerability management and secure architecture
* Familiar with ISO 27001, NIST, or similar frameworks
* Strong communication and stakeholder engagement skills
Must have full Australian working rights.
#J-18808-Ljbffr