Senior IT Security Engineer

Just imagine your future with us…

At Aurecon we see the future through a very different lens. Do you?

Innovation, eminence and digital are at the heart of everything we do. Are you excited about the future?

Are you driven by the opportunity to work on some of the most challenging and complex projects around the world and to learn from the best? We are.

Diversity is at the core of everything we do. We work together to create a culture based on respect, trust and inclusiveness. Our differences are what fuel our creativity.

What will you do?

A Senior IT Security Engineer specializing in Vulnerability Management is responsible for identifying, tracking, and managing security vulnerabilities across Aurecon's IT infrastructure.

Here are the key things you will do to ‘bring ideas to life’.

• Manage the security vulnerabilities and risks across the organization, including identifying, supporting application/system owners to manage risks and remediate vulnerabilities
• Analyze site/enterprise Computer Network Defense policies and configurations and evaluate compliance with regulations and enterprise directives
• Maintain knowledge of applicable policies, regulations, and compliance documents specifically related to Computer Network Defense auditing
• Work closely with both business-oriented executives and technology-oriented personnel to ensure adequate processes are in place and actions are being taken to mitigate identified risks proactively
• Develop strategies to identify, manage, and mitigate identified threats and vulnerabilities to attain desired risk profile and communicate strategies to key stakeholders
• Maintain appropriate management reporting mechanisms to facilitate communication of the TVM program state across multiple levels within the organization
• Maintains and directs execution of the Corporate Vulnerability Management Program (VMP) including the delivery of enterprise-wide vulnerability assessments and targeted penetration testing

What can you bring to the team?

Firstly, strong sense of responsibility, flexibility and adaptability to varying request. Demonstrated ability to analyse business requirements and deliver solutions in collaboration with business stakeholders to meet deadlines. The job holder will provide advice to key business stakeholders as well as contributing and influencing strategy within their own given domain. Suggest enhancements to ensure continuous application improvement. You will also need the following:

• Tertiary qualification in Information Systems, Computer Science, or related discipline
• Qualification and experience with ISO 27001/2, NIST CSF, ACSC E8, etc.
• Must have experience in network security systems (IDPS, SASE, etc.), Endpoint Detection & Response, SIEM/SOAR, Technical Vulnerability Management (Qualys, Tenable, etc.), IAM, Cloud Security, PKI Management
• 6 + years of experience in a similar level role within an IT Security team
• Strong conceptual and strategic thinking, problem solving, technical, and analytical skills
• Strong stakeholder management and communication skills.
• Strong conceptual and strategic thinking, problem solving, technical, and analytical skills
• Strong stakeholder management and communication skills.
• Demonstrated success working collaboratively and inspiring a team to deliver value and improve service.
• Relevant certifications (e.g., CISSP, Cloud Security, CompTIA Security+)
• Strong process improvement skills
• Track record of contributing to a positive and collaborative culture
• Demonstrated success leading a Security Operations team

Our Aurecon Attributes describe the types of people we bring together for clients. We don’t expect you to have all eight of the attributes, but one that is unique to you.

Finally, we value that each of our team members brings something different to Aurecon. We look for people who have had a broad range of experiences throughout their career and can demonstrate how they have worked as part of a team to bring ideas to life. Does that sound like you?

About us

We’ve re-imagined engineering.

Aurecon is an engineering and infrastructure advisory company, but not as you know it!

For a start, our clients’ ideas drive what we do. Drawing on our deep pool of expertise, we co-create innovative solutions with our clients to some of the world’s most complex challenges. And through a range of unique creative processes and skills, we work to re-imagine, shape and design a better future.

We listen deeply and intently, which helps us see opportunities, possibilities and potential that others can’t.

Think engineering. Think again.

Want to know more?

You can learn more about what it’s like to work at Aurecon by visiting the careers section of our website.

If you are intrigued or excited by what you have read, then we want to hear from you. Apply now!