Security Engineer

Join to apply for the Security Engineer role at Cover Genius.

As a Security Engineer in our Security & IT Operations Team, you will help secure the platform that protects the customers of the world's largest digital brands. You will drive proactive improvements in our security posture and detect and respond to threats across applications, platforms, devices and the workforce. You will work with Infrastructure and IT Engineers to safeguard critical systems and collaborate with product engineering teams to build security into products from the ground up.

We are a Series E Insurtech with a diverse team across 20+ countries, committed to security, innovation and social impact through programs like CG Gives.

• Secure our Applications: partner with infrastructure and product engineering to integrate security tools and processes into the CI/CD pipeline (e.g., SAST, DAST, dependency and secret scanning). Advise on secure coding practices (e.g. OWASP Top 10), threat modeling, and secure architecture design.
• Secure our Platform: develop and enforce cloud security policies, standards, and best practices for infrastructure, networking and data protection using industry frameworks.
• Secure our Workforce: work with IT engineers to secure employee devices, identities and SaaS apps, ensuring compliance and fit for purpose.
• Threat Detection & Response: configure, manage and tune security monitoring and alerting systems (e.g., SIEM, CSPM, CWPP); investigate and respond to security incidents, including on-call duties for critical incidents.
• Third Party Risk Management: assess new and existing IT vendors for certifications and security practices; respond to due diligence questionnaires from partners.
• Governance, Risk & Compliance: assist with evidence gathering and reports for audits (SOC2, PCI-DSS); coordinate vulnerability assessments, penetration tests and access reviews with remediation guidance.

• Experience: at least 1 year in a Security Engineering, Application Security, or DevSecOps role. Prior Software Engineering or DevOps experience is desirable.
• Application Security: knowledge of common vulnerabilities (OWASP Top 10), secure coding principles, SDLC; hands-on experience with SAST, DAST, SCA.
• Cloud Security: experience with public clouds (AWS and/or GCP); understanding of IAM, network security, and native security services.
• Infrastructure as Code: proficiency in automating infrastructure and security controls using Terraform or other IaC tools.
• Container & Kubernetes Security: familiarity with Docker and Kubernetes security best practices.
• Scripting & Automation: Python, PowerShell or Bash for automating security tasks and integrations.
• Endpoint Management & Security: basic familiarity with securing corporate endpoints using EDR & MDM tooling.
• Bachelor's degree in IT, Computer Science, Information Security, or equivalent experience.

• Analytical mindset and problem-solving: ability to dissect security challenges, identify root causes and build resilient systems.
• Developer empathy: translate security requirements into actionable guidance for engineers and balance security with product velocity.
• Proactive and curious: self-motivated learner staying ahead of threats and technologies.
• Clear communication: articulate risks to technical and non-technical stakeholders and foster shared security responsibility.

• Flexible work environment and hybrid schedule with wellness benefits.
• Employee stock options and ownership in the company's success.
• Opportunity to work with like-minded people and participate in CG Gives social initiatives.
• Commitment to diversity, inclusivity and a respectful workplace.

By submitting your application, you acknowledge that we may collect, store and process your data for recruitment purposes. We may use AI to assist in sorting applications, but final decisions are made by our hiring team. We will keep your information on file for three years. For details about data handling and our use of AI, please review our Privacy Policy.

Location: Sydney, New South Wales, Australia