Chief Security Specialist

We are seeking a highly skilled Security Engineer to join our team. In this role, you will be responsible for implementing robust security measures to protect our infrastructure and ensuring the confidentiality, integrity, and availability of our data.

The successful candidate will have expertise in platform security, DevSecOps, or SRE roles within containerized/Kubernetes environments. They will also possess hands-on experience implementing microsegmentation in Kubernetes or hybrid cloud environments to secure workloads.

As a Security Engineer, you will work closely with our IT Security team to align platform-level security with enterprise-wide policies. This includes participating in internal security meetings, external audits, penetration tests, and presenting the Platform strategies while driving actionable outcomes for the Platform Infrastructure team.

You will be responsible for designing and implementing SIEM solutions to monitor, detect, and respond to security threats across platform infrastructure. You will also develop and enforce microsegmentation policies to enhance workload isolation and reduce attack surfaces in Kubernetes and hybrid environments.

Additionally, you will integrate security controls into CI/CD pipelines, container build processes, and infrastructure-as-code workflows using tools like Terraform. You will automate vulnerability and compliance scanning for infrastructure and implement Kubernetes-native security mechanisms, including RBAC, OPA/Gatekeeper, Kyverno, and network policies, to secure containerized workloads.

Other responsibilities include managing secret management systems (e.g., 1Password) within platform automation workflows, enhancing platform observability by integrating logging, tracing, metrics, and alerting tools to support security monitoring and incident response, and collaborating with NEP IT Security and TSC SME group on IT Security to align platform infrastructure with global security policies and compliance frameworks (e.g., ISO 27001, SOC2).

Lead remediation efforts for platform infrastructure following security audits and penetration tests, ensuring timely and effective resolution. Represent the Platform team in internal IT security meetings, external conferences, and audits, disseminating learnings and driving improvements.

Define and enforce access controls across Kubernetes, GitHub, cloud resources, and internal tools to ensure least privilege principles. Work with Site Reliability Engineers (SRE) to maintain platform reliability, observability, and security under load and during failure conditions.

Required Skills and Qualifications

• \
• Proven experience in platform security, DevSecOps, or SRE roles within containerized/Kubernetes environments.\
• Expertise in designing and managing SIEM solutions for real-time threat detection and incident response.\
• Hands-on experience implementing microsegmentation in Kubernetes or hybrid cloud environments to secure workloads.\
• Proficient in integrating security into CI/CD pipelines.\
• Strong knowledge of Kubernetes security practices, including RBAC, admission controllers, PSPs/OPA/Kyverno, and workload isolation.\
• Experience with infrastructure-as-code and security scanning tools.\
• Proficiency in Linux systems and automation scripting in Bash, Python, or Go.\
• Familiarity with vulnerability management, identity and access management (IAM), and cloud security best practices.\
• Ability to participate in audits, understand compliance requirements, and coordinate remediation efforts effectively.\
• A degree in Computer Science or related field is preferred but not required.\
• Certifications in security-related fields such as CISSP, CEH, or CompTIA Security+ are a plus.\
• Excellent communication and interpersonal skills are essential for this role.\
• Team players who can collaborate effectively with cross-functional teams.\
• Self-motivated individuals who can take ownership of projects and deliver results.\
• Strong problem-solving skills and ability to think critically.\
• Staying up-to-date with emerging technologies and trends in cybersecurity.\
• Will be assessed based on their technical skills, passion for innovation, and commitment to excellence.\
• Expected to adhere to industry-recognized security standards and guidelines.\
• Collaborative mindset, willingness to share knowledge, and contribute to the growth of the organization.\
• Experience working in Agile development methodologies.\
• Experience with GitLab/GitHub and other popular DevOps tools.\
• Good understanding of cloud platforms such as AWS, Azure, Google Cloud, etc.\
• Basic understanding of machine learning concepts and AI techniques.\
• Knowledge of NIST Cybersecurity Framework and/or the UK government's National Cyber Security Centre (NCSC) guidance.\
• Highly motivated self-starters who thrive in fast-paced environments.\
• Results-driven individuals who consistently meet deadlines and deliver high-quality output.\
• Work collaboratively with cross-functional teams to achieve shared goals.\
• Professional certifications in relevant areas such as PCI-DSS, HIPAA/HITECH, GDPR, etc.\
• Regular attendance at company meetings and training sessions.\
• Eligible for the Australian tax benefits and social security system.\
• Travel to client sites as needed.\
• Working hours: Monday to Friday, 9am-5pm AEST.\
• Annual leave: minimum 4 weeks paid annual leave.\
• Public holidays: observed and paid.\
• Long service leave: after 7 years of continuous service.\
• Health insurance: available through employee assistance programs.\
• Employee assistance program (EAP): confidential counseling services.\
• Flexible working arrangements: discuss with manager.\
• On-site parking: available.\
• Disability access: facility accessible for people with disabilities.\
• Smoking policy: no smoking allowed anywhere on the premises.\
• Dress code: business casual.\
• Family-friendly environment: employees encouraged to bring their families to events.\
• Parental leave: unpaid parental leave scheme available.\
• Generous remuneration package: salary range A$65,000-A$80,000 per annum.\
• Superannuation: employer matches contributions.\
• Employee recognition program: rewards staff for outstanding performance.\
• Training and professional development opportunities.\
• Opportunities for career advancement and professional growth.\
• Recognition and rewards for achievements.\
• Support for continuing education and certification.\
• Competitive compensation packages.\
• Benefits vary based on job level, department, and location.\
• May be subject to change without notice.\
• Apply today if you're passionate about building secure, scalable, and resilient platforms\
• If you want to make a difference in the cybersecurity landscape, we encourage you to apply for this exciting opportunity.\
• Don't miss out on this chance to grow your career in the cybersecurity industry.\
• Looking forward to hearing from talented candidates like you