We’re Hiring : Security Analyst – Secure the Digital Backbone of Government Data Platforms
Location : ACT, NSW, QLD, SA, VIC (Hybrid / Remote with ATO approval)
Start Date : 1 July 2025
About the Opportunity
Azooa is looking for an experienced Security Analyst to support the Australian Taxation Office (ATO) as part of its Enterprise Data & Analytics (ED&A) transformation program — a nationally significant initiative that is delivering secure, scalable, and data-driven platforms to support millions of Australians.
This is a hands-on security role where you’ll be embedded in Agile delivery teams to proactively identify risks, support compliance, and ensure that DevSecOps principles are applied throughout the delivery lifecycle.
You’ll work at the front line of system and application security — helping to embed best practices into pipelines, infrastructure, APIs, and data products.
What You’ll Be Doing
* Conduct security risk assessments and support mitigation planning for platforms, services, and APIs
* Identify vulnerabilities in code, infrastructure, and third-party services
* Review application and service designs from a security perspective (threat modelling, STRIDE, OWASP)
* Assist in implementing secure SDLC practices across DevOps teams
* Support delivery teams in applying ATO security frameworks (ISM, PSPF, Secure-by-Design)
* Collaborate with developers to implement secure coding practices and review code for security flaws
* Analyse logs, reports, and threat intelligence to support risk reporting and triage
* Assist with remediation planning, risk acceptance, and exception handling processes
* Create clear, actionable documentation including security findings, recommendations, and mitigation plans
* Contribute to security awareness across Agile teams through coaching and best-practice enablement
What You’ll Bring
You’re a proactive security professional who’s comfortable working closely with engineers, architects, and stakeholders in fast-paced delivery teams.
* Proven experience as a Security Analyst, Application Security Engineer, or similar
* Strong knowledge of security frameworks, especially ISM and PSPF
* Experience with secure coding principles, especially in cloud-first environments (AWS preferred)
* Familiarity with threat modelling, code analysis, and DevSecOps pipelines
* Understanding of identity, authentication, and access control (IAM, SSO, API security)
* Experience using security tools like Snyk, Burp, SonarQube, AWS Config, etc.
* Strong written and verbal communication skills, especially for documentation and stakeholder engagement
* Baseline security clearance (mandatory)
* NV1 clearance (highly desirable)
Nice to Have
* Exposure to compliance and audit within regulated environments
* Familiarity with CI / CD tools (e.g. GitHub Actions, GitLab CI, Azure DevOps)
* Experience with vulnerability triage and remediation workflows
* Experience working with government cyber teams or in a protective security role
* Participation in security incident response teams or penetration testing initiatives
Security Requirements
All applicants must hold Baseline clearance or be eligible to obtain it before onboarding. NV1 clearance is preferred for this role due to the nature of ATO infrastructure.
You must be an Australian Citizen and comply with all ATO onboarding, compliance training, and security protocols.
About the ED&A Program
The ATO’s Enterprise Data & Analytics (ED&A) initiative is a multi-year transformation aimed at delivering :
* Real-time, high-integrity analytics platforms
* Secure integrations between cloud, on-premise, and legacy systems
* Modernised governance and automation of data handling
* Uplifted delivery capability across Agile, DevSecOps, and cloud infrastructure
As a Security Analyst, you will be critical in ensuring these platforms are not only powerful and scalable — but secure, compliant, and resilient.
Why Work With Azooa
Azooa is a digital consultancy that delivers secure, scalable solutions for Australia's most important government agencies. We bring together cloud, data, security, and delivery excellence to power smarter public services.
* Purpose-driven projects that serve real Australians
* Inclusive, collaborative team culture
* Flexible hybrid and remote options (ATO approved)
* Access to senior security and DevOps practitioners
* Growth and leadership opportunities across multiple federal projects
Who Should Apply
* Security professionals passionate about enabling secure digital delivery
* Analysts who want to make a real difference in protecting citizen data
* Individuals with experience in DevSecOps, code reviews, and platform security
* Security consultants seeking long-term engagement with meaningful public value
* Engineers who understand Agile, work well in delivery teams, and care about building secure systems by design
Diversity & Inclusion at Azooa
We believe the best outcomes are created by diverse teams who feel empowered, supported, and respected.
We strongly encourage applications from :
* First Nations Australians
* Women in cybersecurity, engineering, and tech
* People with disability
* Candidates from culturally and linguistically diverse backgrounds
Azooa is committed to equal opportunity and inclusive workspaces where everyone can thrive.
How to Apply
Prefer to chat first? Message us directly — we’re happy to connect.
This isn’t just about ticking compliance boxes. It’s about securing systems that support millions of Australians, every day.
If you’re a security analyst ready to work at the heart of one of the most ambitious and impactful data programs in government — we’d love to hear from you.
#J-18808-Ljbffr