About Us
Established in 1988, Rest is one of Australia’s largest profit-to-member superannuation funds.
We support nearly two million members, with around $75 billion of funds under management and are recognised as a responsible investment leader*. We believe when members understand and engage with their super, they’re more likely to get a better retirement outcome.
Everything we do at Rest is underpinned by our values and behaviours, we want to Be Daring, Keep it Simple, Take Action and Have Grit. To put it simply we want our people to thrive and love the work they do.
About the Job
- 12 Month Fixed Term Contract
- Exciting, high profile role
- Market leader in Flex and Hybrid working
The Cloud Security & DevOps Engineer role is responsible for acting as an AWS platform subject matter expert within the Rest Engineering team.
You will be embedded in all AWS platform related projects to design, implement and support cloud architecture needed to deliver business goals. The Cloud & DevOps Engineer will make sure all platform architecture is designed with DR, BCP and high availability in mind and will own the execution of our annual DR testing schedule.
The Cloud Security & DevOps Engineer will also provide oversight, guidance, and support to other technical teams within Rest, data, and engineering to manage their platforms, CI/CD pipelines and assist in the management and oversight of our chosen vendors with respect to AWS.
Cloud Security Focus:
The Cloud Security & DevOps Engineer will tackle some challenging and diverse security remediation projects. The role involves extensive work in AWS, designing and reviewing complex architectures, and implementing advanced security measures. You will the chance to work on anything from standard AWS services to more unconventional setups.
Experience with cloud services, particularly AWS, and your ability to handle multifaceted security challenges would be invaluable. A significant part of the job also involves responding to dynamic security situations. This includes risk assessments of different architectures and managing responses to security incidents, security vulnerabilities using various tools (CNAAP / SEIM). We will be integrating Cloud Posture Management into our pipeline, so insights on automating responses and maintaining these tools would greatly benefit the team.
Key Accountabilities/Responsibilities
- Develop and standardise the usage of automation to provision and manage cloud resources within the CI/CD pipeline, using AWS CDK, CloudFormation, scripting, or other tools.
- Work alongside Solution Architects and other technical stakeholders to design and architect scalable, reliable, and secure cloud solutions, using native AWS services (S3, ECS, EC2, RDS, Dynamo, etc.).
- Review and enforce practices from our vendor DevOps resources to develop infrastructure as code using tools like AWS CloudFormation or CDK to automate resource provisioning.
- Review our current CI/CD pipelines to automate the deployment and updates to AWS resources. Work with platform teams to define and implement best practices in our CI/CD pipelines for each platform (API and Digital) to define and create reusable components.
- Define and implement security best practices, including IAM roles, policies, permissions to ensure secure access to AWS resources.
- Analyse monitoring data to identify performance bottlenecks.
- Own the BCP and DR capabilities within the AWS domain and work collaboratively with the business and vendors to schedule and conduct annual DR tests for all AWS based infrastructure.
- Investigate and resolve technical issues related to AWS/Azure infrastructure, networking, and applications. Provide technical support to development teams and stakeholders, troubleshooting and resolving issues promptly.
- Leading and mentoring other engineers with your laser focus on automation, cloud, and DevOps engineering techniques, to design and implement secure, simple, and impactful solutions
- Collaborate with cross-functional teams to drive successful cloud initiatives.
Cloud Security Focus:
- Identify and resolve any security related errors in AWS.
- Identify and correct security misconfigurations in AWS accounts.
- Completing cloud security analysis to detect and respond to events; Perform log analysis to detect and respond to security events.
- Automate security controls where possible.
- Participate in security assessments of networks, systems and applications delivered internally and externally.
- Manage and, where possible, automate security controls and reporting (vulnerability management, system hardening, logging, and monitoring, system integrity, honeypots, source code reviews).
- Review and recommend technical and non-technical improvements to system and network security controls.
- Perform Endpoint Detection and Response (EDR) through CNAAP / SEIM based tools.
- Conversations with Cloud, Engineering, TechOps & InfoSec teams, utilise security knowledge to reduce risk.
- Contribute and drive Cyber Security roadmap; Provide consultation on the deployment of cloud security solutions within projects, aligning them with the secure cloud architecture and identifying areas for improvement to accommodate immediate or future needs.
- Collaborate with product managers, product owners, and peers to facilitate the adoption of cloud security solutions and services.
