MANDATORY REQUIREMENTS: Security
* Security Clearance: You MUST hold an active AGSVA Baseline Clearance. Candidates with an NV1 clearance (or eligibility to obtain one) are highly preferred.
The Role
As a Cloud Security Specialist, you will be the guardian of the cloud frontier. You will move beyond high-level theory to implement Policy-as-Code, manage sophisticated workload protection platforms, and ensure every configuration aligns with the ISM and PSPF frameworks.
Key Responsibilities
* Posture Management: Oversee and optimise CSPM and CWPP solutions to maintain continuous visibility into risk across Azure and AWS.
* Government Compliance: Assess cloud environments against ISM and PSPF controls, identifying security gaps and driving technical remediation.
* Policy-as-Code: Develop and maintain automated security baselines using Azure Policy, AWS Config, and Terraform.
* DevSecOps Integration: Partner with DevOps teams to embed security "guardrails" directly into CI/CD pipelines, ensuring a secure-by-design approach.
* Monitoring & Visibility: Build and maintain security dashboards to track compliance trends and provide actionable risk data to stakeholders.
* Technical Advocacy: Conduct cloud security architecture reviews and provide subject matter expertise to assist platform teams in uplifting their security maturity.
* Assurance & Audit: Support formal security audits and compliance reporting to ensure long-term adherence to regulatory standards.
Your Technical Profile
We are looking for a security professional with deep hands-on experience in cloud-native security tooling and government frameworks.
Technical Essentials
* Cloud Security Mastery: Expert-level knowledge of Azure and AWS security services (e.g., GuardDuty, Microsoft Defender for Cloud, IAM).
* Tooling Expertise: Demonstrated experience with CSPM/CWPP platforms and automated compliance scanning.
* Automation Skills: Proficiency in implementing security controls via Infrastructure as Code (Terraform) and policy frameworks.
* Framework Fluency: A solid understanding of the Australian Government Information Security Manual (ISM) and Protective Security Policy Framework (PSPF).
* Communication: The ability to translate complex technical vulnerabilities into clear, actionable recommendations for both technical and non-technical stakeholders.
Qualifications & Certifications
* Highly Regarded: AZ-500 (Azure Security Engineer) or AWS Certified Security – Specialty.
* Bonus Certifications: CISSP, CCSP, or other industry recognised security credentials.
* Environment Experience: Proven success working within highly regulated or government-aligned sectors.
At Randstad Digital, we are passionate about providing equal employment opportunities and embracing diversity to the benefit of all. We actively encourage applications from any background.
#J-18808-Ljbffr