Job Overview and Responsibilities
- Support ANZx teams in achieving operational effectiveness by aligning and collecting evidence against controls.
- Assist Security Partners and Assurance teams in identifying opportunities to automate evidence collection.
- Provide technical advice on implementing security configurations such as Network policies IAM API authentication and other Cloud components.
- Help teams design secure CI/CD pipelines.
- Support Security Partners in analyzing vulnerabilities and Pentest findings affecting nonapplicationcodespecific aspects of the solution.
- Define policies as code in assurance tooling.
- Run proof of concepts for new security tools and implementations.
- Collaborate with ANZx or other ANZ security engineers and penetration testers to develop abuse cases and threat models.
Required Skills and Experience:
- 7 years of experience with at least one major cloud platform (GCP AWS or Azure) and knowledge of Cloud wellarchitected framework.
- Applied knowledge of one or more security frameworks (e.g. NIST CIS).
- Experience in setting up GitOps CI/CD monitoring incident management and troubleshooting.
- Ability to understand vulnerability findings and contribute to triage and action recommendations.
- Experience working on codebases in an enterprise setting including managing various libraries and dependencies (e.g. Java Golang Rust C# C/C Clojure).
- Background in cloud engineering with knowledge of security requirements for the cloud.
- Understanding of software development lifecycle CI/CD tools and performing code reviews.
- Ability to write policy and automation as code.
- Research and analytical skills to identify new security automation opportunities.
- Ability to consume and understand detailed security requirements.
- Effective communication skills with both security and nonsecurity stakeholders.
- Enthusiasm for learning and sharing new security and technical opportunities.
#LIRB1