We're seeking a Senior Cyber Security Specialist to join our Sydney-based team on a permanent, full-time basis. In this role, you'll apply your passion for cyber security to contribute to a safer digital environment.
Your task and duties:
Conducting infrastructure scans for vulnerabilities and compliance validation, preferably using Infrastructure as Code (IaC) techniques and tools. Ensure optimised scanning coverage and implementation, and maintain the service.
Setting up and regularly monitoring backups, ensuring the availability of recovery plans, and validating the effectiveness of security measures using automated scanning tools.
Performing postmortem analysis to evaluate the impact of security incidents on data and infrastructure, identifying available recovery tools and processes, and recommending suitable solutions.
Collaborating with the broader assessment team to enhance and deliver security assessment services.
Managing SQL and NoSQL database architecture, data structures, and naming conventions to ensure the accuracy and integrity of all data master files.
Analysing complex system architectures in cloud computing environments such as AWS, Azure, or GCP, including database management, monitoring, threat detection, and VPN servers.
Monitoring network traffic, auditing log files, and configuring highly available systems in the cloud.
Enhancing system security through regular system upgrades, patching, and implementing encryption layers in the network transport layer (SSL/TLS/mTLS).
Overseeing processes, procedures, and operational management related to system security and disaster recovery planning.
Troubleshooting and providing technical support to diagnose and resolve hardware and software issues across physical and virtual servers, both on-premises and in the cloud.
Ensuring the design and security of computer sites enable seamless integration of all components for optimal functionality. Additionally, monitoring and improving network performance and security during data transit and at rest.
Required Experience:
5+ years of experience with vulnerability management solutions.
Profound understanding of security in cloud computing and other cyber security standards/frameworks, including CIS Benchmarks, NIST CSF, ISO 27001, PCI-DSS, and CVSS.
Familiarity with CIS Benchmarks related to infrastructure configuration.
Exposure to ticketing solutions like ServiceNow and Jira.
Application development experience in SQL, PHP, Python, HTML, JavaScript, NodeJs, or C#.
Technical understanding of web technologies and vulnerability assessments of web applications within cloud environments (e.g., AWS/Azure/GCP).
Familiarity with firewalls, intrusion prevention systems, and management/review systems such as Fortinet and Tufin.
Diverse Cyber background with knowledge across a broad range of technologies, including:
Network Security
Microsoft EDR Stack
SecOps & GRC (APRA CPS234, PCI-DSS, ISO 27001, SOC 2, and NIST)
Cloud Platforms (AWS, Azure, GCP)
Application/Infrastructure Security Concepts (OWASP)
Email Security (SPF, DKIM, DMARC)
Database Security (Mysql, Postgres DB, SQL server)
Orchestration/Virtualisation (Ansible, Kubernetes, VMware)
Cryptography and PKI (Microsoft Certificate Authority, Hashicorp Vault)
Industry Certifications such as CISSP, CISM, CEH, GIAC, or equivalent are highly desirable.
The annual salary for this role is $120,000 - $140,000 plus superannuation.
If you're interested, please apply. Kindly note that only shortlisted candidates will be contacted. For any inquiries, please reach out to us at
[email protected].
A BIT ABOUT US
At Tiuma Cyber Security Solutions, we are dedicated to safeguarding businesses and individuals against ever-evolving cyber threats. With a team of highly skilled experts, we strive to provide comprehensive security solutions tailored to meet the unique needs of each client.
The values that our people live and make decisions by at Tiuma are:
People are most important: Build long-term relationships by always acting with integrity while communicating openly and honestly.
Strive for quality outcomes: Focus on getting results through the meeting point of commercial, technical, and product excellence.
Live for challenges: Face problems with a smile and enthusiasm, relishing a challenge because it makes life that much more interesting.
Always learn and apply: Continuously pursue new knowledge about yourself, your customers and your craft then find ways to apply and test your new knowledge.
Strong opinions weakly held: Back yourself but always be looking for and open to alternative viewpoints in data and from others because strong, diverse opinions are necessary to get quality outcomes.