DESCRIPTION

We’re on a mission to be a Force For Good, through our People, Products and Purpose at Nuix. Nuix is one of the greatest comeback Technology success stories in Australia, and we’re making massive waves each day. Nuix is, and will be, a pioneer in the Australian Technology space, and we’re carrying the torch on what “good” looks like.
This extends to our People. We’re fiercely passionate, love working at pace, thrive in ambiguity, live, and breathe outside of the box, and above all are good humans. Our impact extends outside of our 9-5, and our place in society isn’t always defined by corporate metrics. We’re determined to make a positive difference in the world, whether through our solutions which help the top companies, governments and agencies find the truth and combat illegal activities, or through our people who care about contributing and giving back both within, and outside, of Nuix. We are a Force For Good.
We’re selective about who comes on board, and you should be too. But if the above sounds like a match, get in touch today and get ready for the possibility of starting a once-in-a-career journey.
We seek a skilled Security Engineer to implement and manage robust security controls for our cloud-based platforms. The ideal candidate will have a strong background in cybersecurity engineering coupled with cloud practices. As a Security Engineer, you will play a pivotal role in safeguarding our business cloud environments against potential threats and vulnerabilities. You will work closely with the broader technology team to identify vulnerabilities, develop solutions, and deploy effective controls to ensure our data and systems’ confidentiality, integrity, and availability. This is a critical role that requires strong technical expertise and a deep understanding of information security best practices.

SKILLS, KNOWLEDGE AND EXPERTISE

• Tertiary qualification in Computer Science or related field, or relevant experience.
• 5+ years of experience in cybersecurity roles, focusing on cloud security.
• Proven experience working as an IT Security Engineer or in a similar role, focusing on information security.
• Strong knowledge of network and system security principles, practices, protocols, and technologies.
• Hands-on experience with cloud platforms such as AWS, O365 and Azure.
• In-depth knowledge of security technologies and protocols, such as Vulnerability tools, Data protection, encryption, IAM, endpoint detection, and event/incident management.
• Familiarity with industry security standards and frameworks, such as ISO 27001, NIST, and CSA.
• Excellent analytical and problem-solving skills, with the ability to assess complex security issues and develop effective solutions.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with diverse teams and stakeholders.
• Relevant certifications (e.g., CISSP, CCSP, AWS Certified Security – Specialty) preferred.
• Experience with scripting and automation tools for security tasks (e.g., Python, PowerShell) is a plus.

• Support the design and implement security controls for cloud-based platforms, ensuring compliance with industry standards and regulations such as ISO 27001, FedRAMP, NIST, IRAP, and SOC 2.
• Conduct technical risk assessments of cloud infrastructure and applications, identifying potential security gaps and recommending countermeasures.
• Assist with development and maintenance of cyber security technical controls and operations, standards, and procedures for cloud deployments in collaboration with cross-functional teams.
• Assist with technical third-party security audits and assessments.
• Identify and assess vulnerabilities, risks, and cyber security threats and their impact on Nuix’s platforms and applications.
• Implement and configure security controls across various cloud services, such as AWS and Azure.
• Participate in incident response activities, including investigating security breaches and implementing corrective actions to prevent recurrence. Monitor and analyse security logs, alerts, and events to identify and respond to security incidents and threats.
• Collaborate with development and operations teams to integrate security into the software development lifecycle (SDLC) and DevOps processes.
• Manage and maintain security infrastructure, including vulnerability scan tools, intrusion detection and prevention systems, anti-malware solutions, and other security platforms.