Cyber Security Engineer

at  Cerebral Palsy Alliance

Location
Allambie Heights, NSW, Australia
At Cerebral Palsy Alliance, we value diversity, foster an inclusive culture and champion equitable opportunities. We strongly encourage applications from candidates with a diverse range of backgrounds and lived experiences including people with disability, Aboriginal & Torres Strait Islander people, people from culturally and linguistically diverse backgrounds, and the LGBTQIA+ community.
Join us and make a positive difference to the lives of people with disabilities, and to grow your career as part of our alliance of great minds. Our shared values are Passionate, Respectful, Ethical, Curious and Courageous.
About the role:
We have an exciting opportunity for a skilled Cyber Security professional to join our IT support team to primarily protect the organisation against malicious internet actors and support other shared Technology initiatives.
Please note that this role is a full-time role.

Required skills:

• Minimum 3 years in a hands-on technical security role, incident analysis and response, or similar experience.
• A tertiary qualification, preferably in Information Technology or equivalent professional experience
• Excellent knowledge of Information Security Risk Management methodologies
• Knowledge of global Data Protection and Privacy regulations
• Strong interpersonal skills and the ability to communicate with business stakeholders at all levels
• Experience in delivering security solutions on an Azure cloud platform
• Experience in vulnerability and penetration testing
• A solid working knowledge and awareness of emerging technologies and their practical applications in supporting business requirements
• Demonstrated experience implementing ISO 27001/27002 controls

Desirable skills:

• 5+ years in an IT security role with technologies experience including SIEM, EPP, IDS & IPS
• Industry certification in CISSP, CISM CISA and/or CRISC
• Hands-on experience in administering key security controls (anti-malware, vulnerability management, data loss prevention, intrusion detection, SASE).
• Experience in delivering security solutions on any public cloud platform
• A bachelor’s degree or equivalent experience with advanced certifications, such as SANS GCIH, GCED, GCIA, CEH, SSCP, and CISSPA tertiary qualification, preferably in Information Technology or equivalent professional experience

Responsibilities include:

• Maintain up to date knowledge on potential threats, trends and relevant events that may threaten the organisation’s IT risk position
• Manage all information security incidents, including investigation, reporting and recommendations for improvement of controls
• Ensure required security and compliance tests such as penetration tests, vulnerabilities, access control reviews and data classification activities are conducted, and necessary remediation tasks carried out.
• Provide authoritative expertise and advice across a range of national and international standards and information security best practices.
• Responsibility for Cyber Security software solutions and respective vendor relationships
• Maintain and create documentation as necessary including Security Assessments on new and existing systems to ensure controls are adequate
• Test and maintain Security Incident Response Plans, including creation and deployment of security response playbooks
• Follow incident management and problem management processes and ensure approved change management processes are followed
• Ensure cyber incidents are appropriately managed throughout all stages, including communication to relevant stakeholders
• Work collaboratively with internal and external stakeholders to monitor, detect, report vulnerabilities, incidents, threats, and trends to support informed decision making and minimise cyber security risk
• Design, configure and maintain security tools and applications, dashboards and reporting, and present risks to key stakeholders
• Ensure Endpoint security definitions and controls are maintained and updated regularly
• Identifying and appropriately managing security risks
• Develop and manage day-to-day operations of reviewing SIEM alert and other vulnerability management tools

Working for CPA offers you exceptional remuneration & benefits:

• Access to a tax-free meal, entertainment & venue benefit card valued at $2,650 per year
• Flexible ways of working - compressed hours, working from home options, flexibility surrounding hours
• 12 weeks paid parental leave and 2 weeks paid partner leave
• 3 additional leave days each year (conditions apply)
• $100 per year well-being allowance that you can use to enhance your wellbeing (eg: purchase sports equipment, have a massage, take a meditation class, the choice is yours)
• Discounted gym membership for you and your family, using Fitness Passport
• Employee Assistance Program
• Paid Employee Referral Bonus Program, where you can be generously rewarded for referring a friend that joins CPA.

Important information:
At CPA the safety of our staff and clients is of paramount importance. We have assessed this role type as requiring a low level of physical functionality with some inherent requirements. For more information on what that may mean for this role please click
here.
Please let us know if you have any pre-existing injuries or illnesses which you are currently seeking, or have sought, medical treatment for which you think may impact your ability to fulfil the inherent requirements of this role. CPA is committed to supporting an inclusive work environment and engaging workers with diverse lived experience. We will happily consider and accommodate reasonable adjustments that may be required to support candidates throughout the recruitment process, and to be successful and safe employees of CPA.
Cerebral Palsy Alliance is committed to the safety and wellbeing of our clients and staff. As such we encourage all employees be vaccinated against COVID-19. Cerebral Palsy Alliance is an Equal Opportunity Employer. Cerebral Palsy Alliance upholds, advocates for, and protects the
rights, wellbeing and safety of people with a disability. We are a
child safe organisation and all workers are responsible to adhere to the NDIS Worker Code of Conduct.
CPA is a smoke free workplace including in, on and around CPA sites and vehicles.
How to Apply
Please click ‘Apply’ to complete your application.

• Maintain up to date knowledge on potential threats, trends and relevant events that may threaten the organisation’s IT risk position
• Manage all information security incidents, including investigation, reporting and recommendations for improvement of controls
• Ensure required security and compliance tests such as penetration tests, vulnerabilities, access control reviews and data classification activities are conducted, and necessary remediation tasks carried out.
• Provide authoritative expertise and advice across a range of national and international standards and information security best practices.
• Responsibility for Cyber Security software solutions and respective vendor relationships
• Maintain and create documentation as necessary including Security Assessments on new and existing systems to ensure controls are adequate
• Test and maintain Security Incident Response Plans, including creation and deployment of security response playbooks
• Follow incident management and problem management processes and ensure approved change management processes are followed
• Ensure cyber incidents are appropriately managed throughout all stages, including communication to relevant stakeholders
• Work collaboratively with internal and external stakeholders to monitor, detect, report vulnerabilities, incidents, threats, and trends to support informed decision making and minimise cyber security risk
• Design, configure and maintain security tools and applications, dashboards and reporting, and present risks to key stakeholders
• Ensure Endpoint security definitions and controls are maintained and updated regularly
• Identifying and appropriately managing security risks
• Develop and manage day-to-day operations of reviewing SIEM alert and other vulnerability management tool