Cyber Security Vulnerability Manager

Founded in the Queensland outback in 1920, Qantas has grown to be Australia's largest regional, domestic, and international airline. Qantas has a range of subsidiary businesses that support the overall operations of the Group. The Qantas Group's main business is the transportation of customers and freight using two complementary airline brands — Qantas and Jetstar — operating regional, domestic, and international services.

Job Description

• Become a part of our Qantas Group Cyber Defence Team
• Join an amazing team that values and prioritises cyber security
• Permanent role based at our Mascot Head Office.

At Qantas, we represent Australia to the world. Our diverse country is known for its unique spirit, mateship, and a can-do attitude. Together we're strong and resilient, and we work hard to make sure we're always at our best.

The
Cyber Security Vulnerability Manager
is responsible for leading and evolving the vulnerability management program across the Qantas Group. This role ensures the identification, assessment, and prioritization of vulnerabilities in applications, networks, and systems, with a strong focus on integrating security throughout the software development lifecycle. The manager collaborates closely with business and technology teams to embed security best practices and works with IT teams and resolver groups by providing expertise, guidance, and recommendations to support effective and timely remediation of identified vulnerabilities. The role also drives continuous improvement, maintains compliance, and strengthens the organization's overall security posture.

What You Will Be Doing

• Leading comprehensive vulnerability assessments across applications, networks, software, and hardware, using advanced scanning tools and prioritizing remediation based on risk.
• Driving application security by ensuring secure development practices, identifying and addressing vulnerabilities in both custom-built and third-party applications, and integrating security controls throughout all stages of the software development lifecycle.
• Overseeing the security of network infrastructure, implementing measures to protect against vulnerabilities in network devices, protocols, and cloud environments.
• Evaluating the impact of identified vulnerabilities and developing effective risk mitigation and remediation strategies.
• Directing the development and execution of a robust patch management strategy for software and network components.
• Providing subject-matter expertise during cybersecurity incidents, especially those involving application or network vulnerabilities.
• Maintaining compliance with security standards and regulations, and regularly reporting on vulnerabilities, remediation status, and key security metrics.
• Collaborating with IT, development, and business teams to embed security practices, and delivering training and awareness on application and network security.
• Continuously monitoring emerging threats, security trends, and technologies to enhance vulnerability management processes.
• Managing relationships with security vendors and external consultants for specialized assessments and solutions.

What You Will Bring

• 7+ years of experience in cyber security, with a strong focus on vulnerability management and application security in large or complex organizations.
• Demonstrated expertise in application security, including secure development practices, vulnerability assessment, and remediation in both custom and third-party applications.
• Strong hands-on experience with vulnerability detection tools (such as Qualys, Nessus, Rapid7, or similar), including deployment, configuration, and analysis.
• Proficiency in using security tools and technologies for vulnerability assessment, patch management, and incident response.
• Deep understanding of network security protocols, cloud security, and a wide range of vulnerability types.
• Strong analytical skills to assess risks and develop effective mitigation strategies.
• Effective communication skills to articulate security risks and recommendations to technical and non-technical stakeholders.
• Excellent organizational and project management skills.
• Ability to proactively identify and address security gaps in applications and network infrastructure.
• Ability to work independently to drive security outcomes, in collaboration with technology and business teams.
• Relevant education (Bachelor's degree in Computer Science, Information Security, or related field) and certifications (CISSP, CISM, CEH) preferred.

Why Qantas?
You'll join a team where creativity and passion are encouraged. Our people come together to allow us to dream big and deliver successfully.

There are many different opportunities across our team, which means you'll be able to grow both personally and professionally at Qantas. Your development is a priority for us – so that you can maintain the high standards our customers have come to expect and can continue to develop over time. You'll be supported from day 1 with on-the-job training and coaching as well as our formal training opportunities. While you may start in this role, we've got a great track record of supporting our people to take their career in so many different directions, the destinations are endless.

The Qantas employee benefits program offers amazing benefits that extend well beyond travel.

• We love to travel: Enjoy heavily discounted air travel within Australia and across the globe, both for you and your family and friends, as well as exclusive deals on accommodation and holidays.
• We have flexible leave options: Make use of leave and flexible working opportunities including 18 weeks paid parental leave and the option to purchase additional paid leave for eligible employees.
• We'll give you access to thousands of rewards: Through our partnerships we can offer you discounts across shopping, food and wine, insurance, health and wellbeing, leisure and entertainment. You can also take advantage of our salary packaging program including motor vehicles, eligible portable electronic devices and professional memberships.
• We'll support your wellbeing: Whether it's learning to better support your own and others' mental health, our interactive wellbeing app or your very own tailored nutrition plan.

Qantas is an equal opportunity employer committed to providing a working environment that embraces and values diversity and inclusion. By coming to work for us, you'll be part of an organisation that encourages diversity, supports charities and environmental initiatives. We encourage Aboriginal and Torres Strait Islander, and people of all backgrounds to apply. If you have any support or access requirements, we encourage you to advise us at time of application. Your personal information will be kept confidential in compliance with relevant privacy legislation.

Please note: applications will only be considered for candidates who have the right to work in Australia / New Zealand without restriction or sponsorship.
Be part of something special and play your part in the Qantas story – get in touch today

Applications will close by Wednesday the 26th of November