Cloud Security Specialist

The Information Technology (IT) team plays a key role in providing business enablement throughout ResMed. We are focused on application, infrastructure, and user productivity solutions, with innovation, efficiency and security. Our goal is providing customer oriented agile delivery, effective business partnership and state-of-the-art technology solutions.

This global role within ResMed's Enterprise Security Group is responsible for ensuring the confidentiality, integrity, and availability of ResMed's information assets and computing infrastructure. We are looking for an experienced and highly motivated Security Specialist to support a global ERP transformation project migrating Oracle EBS to Oracle Cloud Infrastructure and Oracle Fusion SaaS. You will be responsible for securing cloud and on-prem environments, API integrations, and data migrations while working with global teams to ensure compliance, risk reduction, and audit readiness.

This is a Sydney-based position requiring periodic in-office presence for workshops and collaboration with cross-functional teams. It is a global position within the Enterprise Security, working across time zones and cultures to support the successful transformation of the ERP solution.

The successful candidate will demonstrate strong technical expertise, risk analysis capabilities, and communication skills to engage independently with project teams, advise on secure design principles, and deliver high-quality reports that inform business decisions and support audit readiness.

Let's talk about Responsibilities and Accountabilities:

• Cloud & ERP Security Risk Assessments: Lead security reviews across Oracle Fusion SaaS, OCI IaaS, and legacy EBS environments. Identify risks and support the implementation of mitigation controls.
• API and Integration Security: Assess multiple integration points (Boomi, OIC, direct). Enforce security controls for APIs, including OAuth 2.0, JWT, SAML, and token-based access.
• IAM & Key Management: Review and enforce secure identity practices, including RBAC, MFA, and key/secret/token management using centralized Key Management Systems (KMS).
• Data Migration Security Oversight: Evaluate migration processes and third-party tooling for compliance with SOX, GDPR, HIPAA, including encryption, pseudonymization, and secure storage/transit.
• Security Consulting Across SDLC: Provide hands-on security guidance across project sprints. Conduct threat modeling, secure design validation, and remediation planning.
• Compliance and Audit Preparedness: Align security practices with regulatory and enterprise requirements. Support audit preparation and documentation.
• Stakeholder Engagement: Collaborate with project leads, senior engineers, security architects, and third-party vendors across global teams.
• Reporting and Documentation: Maintain clear documentation of risks, assessments, decisions, and remediation status for technical and executive audiences.

Position Specific Skills:

• Demonstrates personal and professional integrity in managing sensitive information and decisions.
• Strong analytical skills in evaluating complex technical designs and prioritizing risk reduction based on business impact.
• Proactive in identifying and addressing security risks before they impact the organisation.
• Builds effective relationships across diverse teams and cultures.
• Comfortable managing conflicting priorities and operating independently.
• Communicates clearly and effectively with technical and non-technical audiences across geographies.

Let's talk about Qualifications and Experience:

• 7+ years of experience in IT or Cloud Security, ideally within large-scale enterprise or ERP transformation environments.
• Strong understanding of Oracle Cloud Infrastructure (OCI), Oracle Fusion SaaS, and Oracle EBS platforms.
• Proven experience with API Security frameworks and standards: OAuth 2.0, JWT, SAML.
• Expertise in IAM, data encryption, KMS, secrets/token management, and integration security controls.
• Knowledge of security tools for CSPM, Endpoint Protection, SIEM, WAF, DLP, and Proxies
• Deep familiarity with SOX, GDPR, HIPAA, and other relevant compliance standards.
• Excellent communication skills – both verbal and written – with the ability to engage senior stakeholders
• Proven ability to independently lead security reviews across diverse technologies.
• Preferred
• Bachelor's degree in Computer Science, IT, Cyber Security, or related field. (Master's preferred)
• Professional certifications such as CISSP, CCSP, CRISC, or Cloud Security Certification (Oracle).
• 3 years+ in risk assessment or security advisory roles.
• Experience with a large-scale ERP migration project
• Background in healthcare or manufacturing environment.

Additional Requirements

• Must be based in Sydney, Australia, with the ability to attend on-site meetings as required.
• Must have valid Australian work rights for the full 12-month term.

Joining us is more than saying "yes" to making the world a healthier place. It's discovering a career that's challenging, supportive and inspiring. Where a culture driven by excellence helps you not only meet your goals, but also create new ones. We focus on creating a diverse and inclusive culture, encouraging individual expression in the workplace and thrive on the innovative ideas this generates. If this sounds like the workplace for you, apply now We commit to respond to every applicant.