ABOUT VISION SUPER

At Vision Super, we’ve been entrusted with Australians’ retirement savings for over 75 years. As an industry superannuation fund, we focus on delivering exceptional outcomes for our members’ futures. Our culture is built around collaboration, support, and innovation, and we are now looking for a highly skilled Cyber Security Engineer to join our team and contribute to our continued success.

ABOUT THE ROLE

We are seeking an experienced Cyber Security Engineer to join our team at Vision Super. This role is responsible for designing, implementing, and maintaining the technical cyber security infrastructure, systems, and services that protect our organisation from evolving threats.
You will play a crucial role in driving best practice security standards across our network, endpoints, and data systems — ensuring our security architecture is resilient and adaptive to new risks.
This is a fully on-site position with flexible hours, available at either our Melbourne or Sydney offices, both conveniently accessible by public transport.

WHAT YOU’LL BE DOING

• Security Infrastructure Design & Implementation: Design and implement security infrastructure including firewalls, intrusion detection/prevention systems, and access controls.
• Vulnerability Management: Identify, assess, and remediate vulnerabilities across systems and applications, ensuring timely patching and risk mitigation.
• Network Security: Monitor network traffic, detect vulnerabilities, and implement network security measures such as segmentation and encryption.
• Endpoint Security & Data Loss Prevention: Manage and secure endpoints (devices), including configuring antivirus software, endpoint detection and response (EDR) tools, and mobile device management (MDM) systems and DLP tools.
• Incident Response: Investigate security incidents, assess impact, and lead corrective action efforts.
• Data Protection: Secure sensitive data through encryption and secure transmission methods.
• Threat Monitoring & Testing: Monitor and respond to cyber threats using Splunk, Zscaler, and Sentinel. Coordinate penetration testing and vulnerability scans.
• Security Standards: Interpret policies and regulatory requirements (including APRA CPS234) into actionable engineering and architectural standards.
• Security Documentation: Maintain detailed records of security configurations, incidents, and reports for management and auditing purposes.
• 3rd Party Assessments: Participate in, assess, and manage third-party cyber security assessments.
• Security Awareness: Promote security awareness within the organisation through training and awareness programs.