Senior Platform Security Engineer

Job Overview and Responsibilities

• Support ANZx teams in achieving operational effectiveness by aligning and collecting evidence against controls.
• Assist Security Partners and Assurance teams in identifying opportunities to automate evidence collection.
• Provide technical advice on implementing security configurations such as Network policies IAM API authentication and other Cloud components.
• Help teams design secure CI/CD pipelines.
• Support Security Partners in analyzing vulnerabilities and Pentest findings affecting nonapplicationcodespecific aspects of the solution.
• Define policies as code in assurance tooling.
• Run proof of concepts for new security tools and implementations.
• Collaborate with ANZx or other ANZ security engineers and penetration testers to develop abuse cases and threat models.

Required Skills and Experience:

• 7 years of experience with at least one major cloud platform (GCP AWS or Azure) and knowledge of Cloud wellarchitected framework.
• Applied knowledge of one or more security frameworks (e.g. NIST CIS).
• Experience in setting up GitOps CI/CD monitoring incident management and troubleshooting.
• Ability to understand vulnerability findings and contribute to triage and action recommendations.
• Experience working on codebases in an enterprise setting including managing various libraries and dependencies (e.g. Java Golang Rust C# C/C Clojure).
• Background in cloud engineering with knowledge of security requirements for the cloud.
• Understanding of software development lifecycle CI/CD tools and performing code reviews.
• Ability to write policy and automation as code.
• Research and analytical skills to identify new security automation opportunities.
• Ability to consume and understand detailed security requirements.
• Effective communication skills with both security and nonsecurity stakeholders.
• Enthusiasm for learning and sharing new security and technical opportunities.

#LIRB1