Product, Design, Technology & Analytics Division
Prospa is driven by its people. Their diversity, skills and passion are the foundation of what we deliver to our customers - where employees are dedicated to achieving stellar results and exceeding customer expectations. Our values of Fairness, Great Decision Making, Partnerships and Thinking Differently inform how we think and act every day.
Prospa is looking for a Security Operations Engineer to join a growing, highly talented and very passionate engineering and cyber security team. If you feel that you’ve got what it takes to build and operate secure practices that set us apart from the crowd in one of Australia’s fastest growing companies, then this is the job for you.
Internally within the engineering team we value the following qualities: Professionalism, Respect for People, Trust in ourselves and team, Integrity and Accountability for our role in delivering secure products and services to our customers, both internal and external.
The Security Operations Engineer will work closely with the Cyber Security Officer, third party service providers and stakeholders from all parts of the business to improve the security of Prospa and of its customers. This role will focus on the day-to-day management of security operations as well as identifying opportunities for improvement, building new capability and responding to incidents where required. The Security Operations Engineer will be someone who takes ownership of their work, shows initiative through effective problem-solving skills and has the ability to clearly communicate ideas or recommendations to a variety of people with varying technical knowledge.
They will drive efficiencies within the security operations space and play an integral role in building a strong operations and monitoring capability with robust and consistent processes and procedures to ensure the timely detection and remediation of security issues. They will be versed in technical security tools and cloud technologies, and will take ownership of security operations responsibilities. The role will work closely with the Product, Design, and Engineering teams, potentially providing ad hoc technical security advice where needed.
Key responsibilities include
- Own and run security operational tasks such as phishing attack simulations, user access reviews, automated vulnerability testing, technical reviews, backups and remediation.
- Maintain CASB and SIEM platforms, as well as other monitoring tools to detect anomalous activity, automate log processing and monitoring. Develop custom correlation and DLP rules to identify and block abnormal activity or indicators of compromise.
- Work closely with IT consultants and managed service providers to drive security relevant IT operational tasks including patching and drive encryption, as well as manage and remediate penetration testing assessments.
- Maintain Next Generation Antivirus platforms to protect and monitor endpoints.
- Investigate and respond to security incidents as well as perform root cause analysis and recommend improvements to optimise security incident management procedures.
- Continually review and improve the security operations function by identifying requirements, developing skills, identifying new techniques and developing automation to mitigate security risks and incidents efficiently.
- Research threat intelligence and news sources to identify events relevant to the company.
- Develop and refine standard security dashboard reporting to regularly inform management on the current state of security across the environment.
- Contribute to various security projects and assist the Cyber Security Officer in the delivery of the Cyber Security roadmap in accordance with timeframes and budget.
Essential Qualifications, Experience, & Skills
- Minimum 2-3 years relevant experience in security, preferably in a technical operations role
- Strong technical skills including networking, software engineering, systems engineering, penetration testing and security monitoring
- Experience with security technologies including SIEM, NGAV and CASB
- Experience in a cloud infrastructure environment - AWS or Azure, preferably with PaaS and Windows Operating Systems
- Solid experience with security incident response practice and processes
- Experience with common information security management frameworks, standards, principles and processes (CIS, SANS, ISO, NIST etc)
Desirable and highly regarded
- Relevant security certifications (CISSP, GIAC, Security+, CEH, OSCP etc)
- Experience with Information Security Management Systems (ISMS) or Payment Card Industry Data Security Standard (PCI DSS)
- Exposure to threat intelligence capabilities and activities
- Experience in development, systems administration and/or IT operations
- Experience in highly automated DevOps environments and familiarity with toolsets including Git, ARM, EBS, CloudFormation, Docker, Puppet, Chef etc
Competencies and Personal Attributes
- Analytical, investigative and problem-solving skills
- Passionate about security
- Proactive, driven and self-motivated
- Takes ownership of processes
- Balances long term thinking with short term outcomes
- Open to constructive feedback
- Excellent communication skills (both written and verbal).
- To be a self-starter with the ability to work independently and within a team.
- Good planning, time management and multi-tasking skills.
All Prospa employees are expected to demonstrate behaviours that support the Prospa culture, values and code of conduct, and to comply with the relevant legislation including WH&S and the Anti-Discrimination Act.