Information Security Cloud Analyst at Rest
Sydney, New South Wales, Australia -
Full Time


Start Date

Immediate

Expiry Date

20 Jul, 25

Salary

0.0

Posted On

08 Jul, 25

Experience

0 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Risk, Iso, Aws, Security Awareness, Recognition Awards, Nist, Design, Incident Response, Security Tools, Centralization, Rest, Security Controls, Automation, Regulatory Compliance, Security Protocols, Credentials, Telemetry, Vulnerability, Encryption, Third Party Vendors

Industry

Information Technology/IT

Description

Company Description
Supporting millions of Aussies since 1988 with low fees and competitive long-term performance. Profits back to members, not shareholders

PLEASE NOTE THERE IS 1 POSITION AVAILABLE THAT CAN BE BASED IN SYDNEY, MELBOURNE OR BRISBANE.

Please note Rest does not accept speculative resumes from recruitment agencies
Rest will review applications prior to the closing date and may close the role earlier
Job Description
Established in 1988, Rest is one of Australia’s largest profit-to-member superannuation funds.
We support nearly two million members, with around $86 billion of funds under management and are recognised as a responsible investment leader*. We believe when members understand and engage with their super, they’re more likely to get a better retirement outcome.
Everything we do at Rest is underpinned by our values and behaviours, we want to Be Daring, Keep it Simple, Take Action and Have Grit. To put it simply we want our people to thrive and love the work they do.

The Information Security Cloud Analyst is responsible for safeguarding Rest’s cloud-based systems encompassing a broad range of activities including evaluating and mitigating risks, formulating cloud-specific security strategies, continuously watching for cyber threats, ensuring regulatory compliance, and responding to security incidents. Additionally, the Information Security Cloud Analyst will create secure cloud designs and guardrails, educate employees on best practices, assess third-party vendors for security risks, maintain cloud security policies, and manage various cloud security technologies.

  • Design, implement, and monitor cloud security controls, primarily in AWS.
  • Provide strategic guidance on cloud security architecture and risk management.
  • Manage and enhance cloud-native and third-party security tools to ensure compliance.
  • Identify and remediate vulnerabilities across cloud environments.
  • Develop technical solutions and procedures for SOC incident response.
  • Conduct training to improve cloud security awareness across the business.
  • Advise teams on secure cloud infrastructure and software delivery practices.
  • Follow and enforce security protocols for issue and incident management.
  • Support cyber incident management and collaborate on governance and risk.
  • Promote compliance with security standards and address any gaps.
  • Assist with audits, including documentation and issue resolution.

QUALIFICATIONS

  • SC-200 Microsoft Security Operations Analyst, GCP Professional Cloud Security Engineer, AWS Certified Security – Specialty, AWS Certified Solution Architect - Professional, or equivalent
  • ITILv3 knowledge or experience

Required experience, understanding or credentials including:

  • Proven experience in Cloud Architecture, Engineering, or DevSecOps.
  • Strong knowledge of AWS Control Tower and multi-account landing zones.
  • Hands-on experience with CNAPPs and cloud-native security tools.
  • Skilled in cloud network security and identity management (e.g., Entra ID).
  • Experience with automated remediation and incident response workflows.
  • Proficient in securing workloads and monitoring cloud security events.
  • Familiar with SIEM integration, telemetry, and log centralization.
  • Solid understanding of key security domains: network, data, vulnerability, encryption, and automation.
  • Experienced in developing SOPs and incident response playbooks.
  • Ability to design secure cloud solutions across multiple layers.
  • Strong problem-solving and documentation skills.
  • Knowledge of ISO 27001, NIST, ASD Essential 8, and APRA standards.

Additional Information

Our benefits have been designed so you can tailor your experience with us and include:

  • Personal and professional development opportunities
  • Hybrid working
  • Purchase leave scheme and gender neutral 16 weeks paid parental leave
  • Super Contribution Continuation for 12 Months of parental leave
  • Linkedin Learning
  • Income Protection Insurance
  • Rest Excellence awards (peer recognition awards based on Rest’s values and behaviours)
  • Rest Stops - meeting free breaks

If you share our values, believe you can help make a difference for our members and want to be part of a leading superannuation fund with a Super culture, please click Apply Now.
Rest is committed to creating a flexible work environment and culture that embraces diversity, equity, and inclusion - where people feel welcome, safe to be themselves and inspired to do their best.
We value the different backgrounds, lived experiences and abilities our diverse team brings. We welcome and encourage applications from candidates of all ages, cultural backgrounds, faiths, gender identities, sexual orientations and thinking styles. This includes people with disability, neurodiverse individuals, Aboriginal & Torres Strait Islander peoples and those with disrupted work history due to career or other breaks.

Responsibilities
  • Design, implement, and monitor cloud security controls, primarily in AWS.
  • Provide strategic guidance on cloud security architecture and risk management.
  • Manage and enhance cloud-native and third-party security tools to ensure compliance.
  • Identify and remediate vulnerabilities across cloud environments.
  • Develop technical solutions and procedures for SOC incident response.
  • Conduct training to improve cloud security awareness across the business.
  • Advise teams on secure cloud infrastructure and software delivery practices.
  • Follow and enforce security protocols for issue and incident management.
  • Support cyber incident management and collaborate on governance and risk.
  • Promote compliance with security standards and address any gaps.
  • Assist with audits, including documentation and issue resolution
Loading...