Information Security Analyst

Join an ambitious Telco at an exciting phase of growth
- We pride ourselves on have a great company culture
- Do it. Own it. Love it.

** Melbourne or Sydney or Perth location**

We are a business who is crazy about customers. We use disruptive thinking every day to ensure that we are capturing every opportunity to deliver the ultimate experience to our customers and people. We empower our people to
**Do it. Own it. Love it** and that’s why they choose to work for us. Here, it’s never just a job - We care about what we do and the impact we have, and that’s what connects us.

Whoever you are, you'll fit right into our team of 1,400 different personalities. We’ll support you to be the best you can be here at Vocus and at home.

**What’s the opportunity?**

The role requires to analyse and review the security risks associated with Vocus Applications & Cloud hosting environments. The information security analyst will help to enforce the best security practice from various industry defined security standards such as ISO 27001, PCI DSS, ISM, etc.

The role can be based in Melbourne, Sydney or Perth.

**What you’ll be doing in the role**:

- Proactively conduct security risk analysis on Vocus Applications & Cloud systems, identify security vulnerability/weaknesses, evaluate countermeasures, and recommend best security practices to mitigate the vulnerabilities and the associated risks
- Security review of SaaS, PaaS, and IaaS services of Vocus, based on the CSA CSM matrix and cloud security best practices
- Review the results and coordinate remediation activities of the penetration test findings as conducted by the external pen testers on Vocus Web Applications and Api’s
- Participate and recommend security controls for Applications & Cloud related projects in Vocus
- Develop and maintain regular information security reports for managers and team
- Assist the Information Security Manager with continuous review and ensuring compliance to security standards and policy
- Problem Solving, Multitasking and business relationship skills

**What you will need to be successful in a team like this**:

- You have the full rights to work in Australia. You are an Australian citizen or a Permanent Resident
- Tertiary qualification in IT, Computer Science, or a related discipline desirable with experience working in large, distributed enterprise environments
- Good understanding of Cloud based hosting models i.e., SaaS, PaaS, and IaaS
- Understanding of the Industry recognized Cloud hosting platforms e.g., AWS
- Understanding of security technologies such as WAF, SAML, SIEM, CASB
- Understanding of security standards such as OWASP, ISO27001, ISO 31000, PCI-DSS, ASD Essential 8, TSSR
- Strong report writing Skills and in presenting the technical information to development and management teams
- General Industry Security Certifications such as ITIL, CCSK, CEH, CISSP etc. desirable
- Knowledge and expertise in the Governance, Risk Management of technical services
- Ability to build strong relationships and maintain a rapport with supporting colleagues/team members, internal Vocus stakeholders, and 3rd party service providers
- Ability to quickly learn new skills and adapt to a new environment
- Good communication skills both written and verbal with demonstrated ability to engage business and technology teams
- Experience with national and virtual teams
- General Industry Security Certifications such as CISSP, CCSK, CCSP, CEH, ITIL, or vendor relevant certifications desirable

In return Vocus commit to a fast paced and fun workplace that is committed to career development opportunities within the company nationally and across different areas.

We have the best employee benefits such as Internet discounts, the ability to purchase leave, anniversary leave, awesome parental leave benefits. We work in a hybrid environment of 2 days in our Vocus offices and work from home 3 days each week.

Best of all we believe in flexibility and fitting your job into your life - Vocus is quite simply just a great place to work