Cyber Security Engineer at ASX

Sydney, New South Wales, Australia -

Full Time

Start Date

Immediate

Expiry Date

05 Mar, 26

Salary

0.0

Posted On

05 Dec, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Cyber Security, Kubernetes, Elasticsearch, Big Data Pipelines, Terraform, Ansible, Python, Security Frameworks, Security Alerts, Configuration Management, Operating Systems, Cloud Platforms, Documentation Development, Penetration Testing, Vulnerability Scanning

Industry

Financial Services

Description

ASX: Powering Australia's financial markets Why join the ASX? When you join ASX, you’re joining a company with a strong purpose – to power a stronger economic future by enabling a fair and dynamic marketplace for all. In your new role, you’ll be part of a leading global securities exchange with a strong brand. We are known for being a trusted market operator and an exciting data hub. Want to know why we are a great place to work, click on the link to learn more. www.asx.com.au/about/careers/a-great-place-to-work We are more than a securities exchange! The ASX team brings together talented people from a diverse range of disciplines. We run critical market infrastructure, with 1 in 3 people employed within technology. Yet we have a unique complexity of roles across a range of disciplines such as operations, program delivery, financial products, investor engagement, risk and compliance. We’re proud to foster a workplace where diversity is celebrated and inclusion is part of our everyday culture. Our employee-led networks champion LGBTIQ+ inclusion, promote gender equality, accessibility and wellbeing, inspire giving and volunteering, and celebrate cultural and religious events, creating a sense of belonging for all. As an AWEI Bronze employer and member of the Champions of Change Coalition for gender equality, we’re committed to a fair and inclusive workplace where everyone can thrive. The Security Operations Centre is responsible for security monitoring, incident response and computer forensics across the ASX environment. We also conduct maintain a number of enterprise security controls/tooling and conduct regular security testing including vulnerability scanning, phishing simulations and red and purple team testing. Your responsibilities: Maintenance of security tools and controls such as EDR, SIEM, proxy, email gateway, vulnerability scanning, application control and WAF Manage the configuration of key security tools to ensure they are operationally optimised. Tools include EDR,SIEM, proxy WAF, application control etc. Improve the security posture of the ASX environment by building/implementing new controls and enhancing existing controls Create new detections in the relevant security tools to meet the demands of an evolving threat landscape Automate cyber security tasks such as the collection of artefacts, integration of threat intelligence etc Assist in the response to significant security incidents (in conjunction with support teams) End to end management of issues identified during security testing Assist in the preparation of management, Board and Regulatory reporting Assist in security training and awareness of ASX staff Enhance and manage the security documentation suite (e.g. policies, procedures, metrics, use cases and reporting) as it relates to the exchange Cyber Security Centre Performance and management of data and threat risk assessments Liaise with internal and external assurance functions as required Your experience and qualifications Must have skills: Worked at a senior level within a security operations centre environment Hands on practical knowledge of Kubernetes technologies like GKE, EKS and Helm. In-depth knowledge of Elasticsearch SIEM using ECK. Extensive knowledge of building and maintaining scalable big data pipelines, like Kafka, Vector and OTEL. Experience with Terraform, Ansible or any other IaC services. Proficient with a programming language (Python). Exposure to industry standard security frameworks (e.g. NIST, ASD, Swift CSP) Assessment and investigation of security alerts (e.g. SIEM alerts, phishing emails etc.) Exposure to security tools configuration management (e.g. SIEM, EDR, TIP, Email Security, Proxy etc) Familiarity with operating systems including Windows, Linux, VMS; and platforms such as, Active Directory, Exchange, SQL, Familiarity with cloud platforms such as GCP and AWS. Development of security related documentation (policies, procedures, standards Process risk and control mapping techniques Exposure to the performance of penetration testing and vulnerability scanning Nice to have: IT degree with a focus on IT Security. Certifications such as GCFA, GCFR, GCTI, GCIH. Understanding of current Australian regulatory environment (as it relates to financial services / clearing and settlement providers) and related implications to identity management and security/audit compliance (Neo)Vim user LFS, Gentoo or Arch BTW Rewrite code in rust We make hiring decisions based on your skills, capabilities and experience, and how you’ll help us to live our values. We encourage you to apply even if you don’t meet all the criteria of this role. If you need any adjustments during the application or interview process to help you present your best self, please let us know. At ASX Group, our diverse workforce is essential to build and maintain a fair and dynamic marketplace. We support flexible working and offer hybrid working options. Even if our roles are advertised as full-time, we encourage you to apply if you are interested in part-time or other flexible working arrangements. We will arrange for successful candidates to have background checks, including reference and police checks completed as part of the on-boarding process. ASX is an integrated exchange offering listings, trading, clearing, settlement, technical and information services, technology, data and other post-trade services. It acts as a market operator, clearing house and payments system facilitator. It oversees compliance with its operating rules, promotes standards of corporate governance among Australia’s listed companies and helps to educate retail investors. ASX operates markets for a wide range of asset classes including equities, fixed income, commodities and energy. As an integrated exchange, ASX’s activities span primary and secondary market services, including the raising, allocation and hedging of capital flows; trading and price discovery; central counterparty risk transfer; and securities settlement for both the equities and fixed income markets. When you join ASX, you’ll be joining a dynamic global leader with a record of innovation and a reputation for integrity, transparency and professionalism. You’ll also enjoy an impressive range of employee benefits and a flexible working environment underpinned by a friendly and collaborative culture.

Responsibilities

The role involves maintaining security tools and controls, managing configurations, and improving the security posture of the ASX environment. Additionally, the engineer will assist in incident response, security training, and documentation management.