19 Cloud Security jobs in Australia

**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**The role:**
The Senior Technical Consultant: Cloud Security is an advanced subject matter expert involved in highly complex environments, focusing on design, deployment, integration, and configuration of cloud security solutions.
You will be responsible for providing expert-level guidance and strategic direction to clients in assessing, designing, and implementing cloud technologies from a security standpoint. This role emphasis deep technical expertise, technical leadership, whilst at the same time developing business acumen.
**Key responsibilities:**
+ Consult with clients and design solutions across a broad range of cyber security topics to support clients' business strategies
+ Coordinate activities of engineers, leading by example and monitoring the quality of work when required
+ Write reports and proposals, complete and maintain project documentation
+ Act as a coach and mentor to junior engineers and consultants
+ Take ownership of relevant technologies within your domain or area of specialiszation
+ Engage with vendors to escalate critical issues or report bugs found during deployments
+ Collaborate with sales and presales teams to define project scope, delivery plans, and resource requirements aligned with client goals
+ Actively promote NTT DATA's services to support business growth
+ Perform any other related task as required
**To thrive in this role, you need to have:**
+ An advanced understanding and appreciation of technical design and business principles
+ Strong project fundamental and administration ability
+ Demonstrated expertise in project execution
+ Advanced customer engagement skills
+ Deep knowledge and specialisation in relevant technical domains
+ Excellent verbal communication skills
+ A client focus mindset with a a proactive approach to problem solving
+ Advanced ability to coach, mentor, and provide guidance to team members
+ The ability to take ownership as a technical lead throughout the project lifecycle
**Qualifications and Certifications:**
+ Bachelor's degree or equivalent in Information Technology, Computing or related field.
+ Cloud certifications (mandatory): AZ-500, MS-500, SC-100, SC-300, AWS Solution Architect/Security, or Google Professional Cloud Security Engineer
+ Additional certifications/experience (highly preferred): Cortex Cloud/Prisma Cloud, Wiz, or Defender for Cloud
+ Automation, Security Operations, and Network Security certifications (preferred): Azure Certified DevOps Engineer, Azure Certified Solutions Architect, Palo Alto Networks certifications, Cisco Security certifications
+ CISSP, CISM, CCSP, CISA, ITIL - highly preferred
**Required experience:**
+ Advanced experience in M365, Azure, AWS or GCP, including security patterns and best practices, design, and assessment.
+ Advanced experience with Defender for Cloud, or Prisma Cloud, or Wiz
+ Deep understanding of security frameworks and compliance standards such as NIST, ISO 27001, ISM, and ASD Blueprints
+ Advanced experience in configuration and management of cloud security controls.
+ Advanced experience in log collection configuration, MS Sentinel/Splunk/XSIAM configuration
+ Experience with various security technologies and solutions like Identity Management, Firewall, Endpoint Protection, SASE, API Protection.
+ Experience in Infrastructure as a Code (IaC), automation, and DevOps pipeline configuration.
+ Experience in scripting languages such as Python or PowerShell, and experience with automation tools like Ansible, Puppet, or Chef.
+ Experience in writing technical documentation, designing patterns, implementation and testing of cloud solutions, technical support to clients.
+ Experience in handling security incidents
#L1-APAC
**Workplace type** **:**
Hybrid Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**The role:**
The Senior Technical Consultant: Cloud Security is an advanced subject matter expert involved in highly complex environments, focusing on design, deployment, integration, and configuration of cloud security solutions.
You will be responsible for providing expert-level guidance and strategic direction to clients in assessing, designing, and implementing cloud technologies from a security standpoint. This role emphasis deep technical expertise, technical leadership, whilst at the same time developing business acumen.
**Key responsibilities:**
+ Consult with clients and design solutions across a broad range of cyber security topics to support clients' business strategies
+ Coordinate activities of engineers, leading by example and monitoring the quality of work when required
+ Write reports and proposals, complete and maintain project documentation
+ Act as a coach and mentor to junior engineers and consultants
+ Take ownership of relevant technologies within your domain or area of specialiszation
+ Engage with vendors to escalate critical issues or report bugs found during deployments
+ Collaborate with sales and presales teams to define project scope, delivery plans, and resource requirements aligned with client goals
+ Actively promote NTT DATA's services to support business growth
+ Perform any other related task as required
**To thrive in this role, you need to have:**
+ An advanced understanding and appreciation of technical design and business principles
+ Strong project fundamental and administration ability
+ Demonstrated expertise in project execution
+ Advanced customer engagement skills
+ Deep knowledge and specialisation in relevant technical domains
+ Excellent verbal communication skills
+ A client focus mindset with a a proactive approach to problem solving
+ Advanced ability to coach, mentor, and provide guidance to team members
+ The ability to take ownership as a technical lead throughout the project lifecycle
**Qualifications and Certifications:**
+ Bachelor's degree or equivalent in Information Technology, Computing or related field.
+ Cloud certifications (mandatory): AZ-500, MS-500, SC-100, SC-300, AWS Solution Architect/Security, or Google Professional Cloud Security Engineer
+ Additional certifications/experience (highly preferred): Cortex Cloud/Prisma Cloud, Wiz, or Defender for Cloud
+ Automation, Security Operations, and Network Security certifications (preferred): Azure Certified DevOps Engineer, Azure Certified Solutions Architect, Palo Alto Networks certifications, Cisco Security certifications
+ CISSP, CISM, CCSP, CISA, ITIL - highly preferred
**Required experience:**
+ Advanced experience in M365, Azure, AWS or GCP, including security patterns and best practices, design, and assessment.
+ Advanced experience with Defender for Cloud, or Prisma Cloud, or Wiz
+ Deep understanding of security frameworks and compliance standards such as NIST, ISO 27001, ISM, and ASD Blueprints
+ Advanced experience in configuration and management of cloud security controls.
+ Advanced experience in log collection configuration, MS Sentinel/Splunk/XSIAM configuration
+ Experience with various security technologies and solutions like Identity Management, Firewall, Endpoint Protection, SASE, API Protection.
+ Experience in Infrastructure as a Code (IaC), automation, and DevOps pipeline configuration.
+ Experience in scripting languages such as Python or PowerShell, and experience with automation tools like Ansible, Puppet, or Chef.
+ Experience in writing technical documentation, designing patterns, implementation and testing of cloud solutions, technical support to clients.
+ Experience in handling security incidents
#L1-APAC
**Workplace type** **:**
Hybrid Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Vice President, BISO, Senior Cloud Security Specialist, Global Information Security, Australia
Sydney, Australia
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge
Refer a friend
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge ( Description:**
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
**Job Overview:**
The Cloud Security Specialist is responsible for designing, implementing, and managing security controls across multi-cloud environments, with a specific emphasis on Azure and AWS platforms, to ensure the protection of organizational data and systems. This role requires deep expertise in cloud security, architecture principles, and industry standards. The ideal candidate will work closely with various teams to ensure the security of cloud-based applications, data, and infrastructure.
**Key Responsibilities:**
+ Lead the design and implementation of secure cloud architectures and solutions, ensuring alignment with business objectives and security requirements.
+ Maintain and update risk registers and ensure continuous monitoring of cloud security risks.
+ Act as a liaison between the security team and other departments to promote a security-first culture.
+ Security Controls -
+ Define and implement security controls and policies for cloud environments, ensuring compliance with industry standards (e.g., ISO 27001, NIST, GDPR, HIPAA) and bank security policies.
+ Continuously improve security controls and processes to enhance the organization's security posture.
+ Develop and maintain documentation for security controls, policies, and procedures.
+ Policy as Code (PaC) Implementation -
+ Policies are increasingly managed as code, requiring developers skilled in scripting and programming to define, customize, and automate these policies using tools like HashiCorp Sentinel, Open Policy Agent (OPA), and Terraform.
+ Integration with CI/CD Pipelines -
+ Developers ensure that security policies are embedded in CI/CD workflows to enforce compliance during the development and deployment phases.
+ Custom Solutions Development -
+ Off-the-shelf security tools often need customization to fit organizational requirements. Developers can write custom modules, scripts, or extensions to adapt these tools effectively.
+ Collaboration with Security Teams -
+ Developers act as a bridge between security and DevOps teams, ensuring that security policies align with operational workflows without hindering development agility.
+ Governance and Regulatory Compliance -
+ Conduct regular security assessments and audits of cloud environments to identify and mitigate risks.
+ Conduct risk assessments to identify potential security threats and vulnerabilities in cloud environments.
+ Evidence Package Creation - Package evidence of security policies deployment and effectiveness proving to non-technical audience, Audit and Governance Teams, the effectiveness of security policies.
+ Participate in internal and external audits to demonstrate compliance with cloud security requirements.
**Required Skills:**
+ 5 years of experience in cloud security.
+ Currently hold active AWS Security Specialty or Azure AZ-500 certification.
+ In-depth understanding of cloud security principles, best practices, and industry frameworks such as OWASP Top 10, NIST, CSA, CIS benchmarks.
+ Familiarity in programming and scripting languages such as Python, TF, Go, or JavaScript.
+ Experience building and implementing IaC/PaC governance strategies with appropriate tooling (e.g., Terraform, CloudFormation, OPA, HashiCorp Sentinel, etc.).
+ Strong understanding of CI/CD pipelines and DevOps practices.
+ Hands-on experience with cloud-native and third-party security solutions, including Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWPP).
+ Demonstrated capability to translate technical information into a format that a non-technical audience will understand and clear communication skills.
**Desired Skills:**
+ Relevant industry certifications such as ISC2 and SANS GIAC are highly desirable.
+ Strong communication and interpersonal skills to work effectively with cross-functional teams.
+ Ability to manage multiple projects and priorities in a fast-paced environment.
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.
To view the "Know your Rights" poster, CLICK HERE ( .
View the LA County Fair Chance Ordinance ( .
Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.
To view Bank of America's Drug-free Workplace and Alcohol Policy, CLICK HERE .
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work.
This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

Vice President, Cloud Security Lead DevOps Engineer
Sydney, Australia
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge
Refer a friend
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge ( Description:**
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
Bank of America is currently seeking an experienced Cloud Security Lead DevOps Engineer to support our mission of providing secure, reliable, and innovative cloud solutions to our clients.
The Cloud Security Lead works to deliver high-quality cloud solutions and helps drive a strong DevSecOps culture. As part of the Cloud Operations team, you will be responsible for the operations, development, deployment, and architecture of our cloud infrastructure.
Ensure that the CSO's operational processes, from incident response to threat intelligence, are optimized for cloud environments and adhere to the strategic direction, with a focus on leveraging cloud-native security capabilities.
You will be expected to share the escalation of on-call investigations and provide leadership for incident response. Working closely with our development teams you will be a champion of DevSecOps best practices including CI/CD, Infrastructure as code, containerization, microservice architecture, automated testing, and security.
Primary Responsibilities
+ Collaborate with Developers to build a world-class infrastructure that can meet our customer's security and uptime requirements
+ Act as a key contributor to the development of our developer and CI/CD processes to improve our developer agility and code quality
+ Approve release for CI/CD DevSecOps (implementation engineering)
+ Manage CI/CD and pipeline for incident response
+ Lead CSO incident response, drive recovery actives and support post incident processes
+ Manage mission-critical cloud-based production systems; proactively take action if/when systems are down or there are interruptions in service; root cause and implement corrective actions to build long-term customer loyalty
+ Develop and improve processes and procedures for the CSO team
+ Ensure compliance to Service Level Agreements (SLA), process adherence
+ Create compliance reports, support the audit process, measure CSO performance metrics
+ Help to identify emerging technologies & security practices that can enhance our offering to our customers
+ Be passionate about security, automation, quality, and reliability.
+ Report on security operations to business leaders
Required Skills
+ Knowledge of AWS and its associated technologies, both from Security and Cloud Ops perspective (Guard Duty, Control Tower, etc.)
+ Knowledge of Terraform
+ Experience taking vulnerabilities that are generated from 3rd Party scanning, do the analysis, determine remediation and implement remediation on lower environments. Validate fix, follow process to get that on to Production.
+ Experience with Incident Management and crisis management
+ Maintain smooth operation of multi-user computer systems, including coordination with network, software, and system engineers, PC desktop technicians, project managers, end users, and customer and IT management.
+ Recommend and implement system enhancements that will improve the performance and reliability of the system including installing, upgrading/patching, monitoring, problem resolution, and configuration management.
+ Experience with Azure Security Center, Google Cloud Security
+ Understanding of networking systems, security vulnerabilities, exploits and attack, s
+ Basic understanding of threat frameworks, such as ATT&CK.
+ Understanding of Risk Management principles.
+ Experience in building, configuring, operating and/or securing cloud infrastructure and applications in a CSP utilizing either native capabilities or 3rd party vendor tools.
+ Ability to independently assess risks and identify vulnerabilities in infrastructure with an eagerness to suggest new processes, policies, and overall improvements to internal security controls.
+ Ensure new releases of products are compatible, aligned to CSO strategy and properly onboarded to operations practices.
+ Develop and document technical processes and procedures as needed. Provide technical assistance and support for incoming queries and issues related to computer systems, software, and hardware.
+ Minimum 3+ years in Cloud Technologies preferably AWS
+ Minimum 3+ years of experience with deployment orchestration systems such as Kubernetes, ECS, and Elastic Beanstalk
+ Minimum 2+ years of experience working with CI/CD tools such as CircleCI or Jenkins
+ Minimum 2+ years of experience with Docker and Docker-Compose
+ Minimum 4+ years with configuration management and automation tools (e.g., Puppet, Ansible, Chef, CloudFormation, SaltStack, Terraform)
+ Strong Linux system administration experience
+ Strong programming experience in at least one language (python, node, java, go, c/c++, ruby)
+ Experience with logging and monitoring tools such as ELK, DataDog or NewRelic, LogEntries, SumoLogic, etc.
+ Able to participate in 24/7 incident response escalation.
+ Strong written and verbal communication skills
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.
To view the "Know your Rights" poster, CLICK HERE ( .
View the LA County Fair Chance Ordinance ( .
Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.
To view Bank of America's Drug-free Workplace and Alcohol Policy, CLICK HERE .
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work.
This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

Title:
Senior Information Security Officer - Defence Sector
Your KBR future - delivering solutions and changing the world
About KBR:
We are a company of innovators, thinkers, creators, explorers, volunteers and dreamers who all share one goal - to improve the world.
KBR delivers science, technology and engineering solutions to governments and companies around the world. KBR employs approximately 34,000 people performing diverse, complex, and mission-critical roles in 33 countries.
For 65 years, KBR and its heritage companies are proud to have delivered some of Australia's largest and most complex projects.
With around 2,000 employees in 6 primary offices throughout Australia, we are committed to social and environmental sustainability and delivering projects with a digital mindset driving innovation within our business and for our customers.
We help ensure mission success on land, in the air, at sea, in space and cyberspace for our Defence customers. From individual technologies and services to comprehensive project delivery and mission execution, no other company can match the breadth and depth of KBR.
KBR comprises a talented team who provide a broad spectrum of capabilities across Australia and the Asia Pacific. Our proven project teams readily address complex and multi-disciplinary activities, providing low-risk and cost-effective solutions to the Defence force.
The Opportunity:
KBR is inviting expressions of interest from highly skilled and experienced Senior Information Security Officers to support critical Defence programs based in Brisbane or Canberra.
As a Senior Information Security Officer, you will play a vital role in ensuring the protection of Defence systems, information, and assets, supporting the ongoing delivery of secure, reliable, and compliant Defence capabilities. This is an exciting opportunity to contribute to national security outcomes and work with a diverse team of experts on high-impact Defence projects.
The key responsibilities of the role will include, but is not limited to:
+ Lead the development, implementation, and maintenance of Information Security Management Systems (ISMS) to ensure Defence compliance with ISO 27001, ACSC Essential 8, and Defence Security requirements.
+ Conduct risk assessments and vulnerability management, ensuring appropriate information security controls are in place to protect Defence systems and data across their lifecycle.
+ Develop and enforce information security policies, procedures, and best practices, ensuring Defence IT infrastructure and systems are protected against cyber threats and vulnerabilities.
+ Support the implementation and maintenance of cybersecurity frameworks and ensure compliance with national and international information security standards.
+ Provide expert advice to Defence stakeholders and project teams on information security best practices, emerging threats, and mitigation strategies.
+ Collaborate with cross-functional teams, including Defence security, engineering, and project management, to ensure robust security governance for all Defence programs.
+ Conduct security audits, assessments, and incident response activities to ensure the availability, integrity, and confidentiality of Defence information assets.
+ Maintain awareness of current cybersecurity trends and emerging threats, and continuously update security practices to protect Defence information systems.
As the ideal candidate you will bring:
+ Tertiary qualifications in Information Security, Computer Science, Information Technology, or a related discipline.
+ Minimum 5 years of experience in an Information Security role, ideally within Defence, Government, or similarly regulated industries.
+ Expertise in implementing and managing Information Security Management Systems (ISMS) and conducting security risk assessments.
+ Strong knowledge of Defence security policies, standards, and frameworks, including ISO 27001, NIST, ACSC Essential 8, and DEF(AUST) 3000.
+ Experience with security tools, such as SIEM, firewalls, endpoint protection, and vulnerability scanning tools.
+ Proven ability to communicate effectively with senior stakeholders, providing expert guidance on complex security issues.
+ Australian Citizenship is essential due to security clearance requirements.
+ NV1 security clearance (or the ability to obtain) is highly desirable.
Benefits of KBR
+ A workplace culture certified as a Great Place To Work (Aus, India, UK & US)
+ Flexible working conditions
+ Competitive salary (including annual reviews)
+ Paid Parental leave
+ Paid Reservist leave
+ Income protection
+ Corporate rewards
+ Salary packaging/Novated leasing
+ Discounted employee stock purchase plans
+ Flu shots, skin checks and private health insurance discounts
+ Career development: Online learning, mentorship and career pathways
If you're ready to shape tomorrow, let's get started. Apply Now!
KBR acknowledges the Traditional Custodians of Country throughout Australia and their continuing connections to land, sea, community and culture. We pay our respects to Elders past and present.
As a Major Service Provider of the Australian Defence Force, an AGSVA security clearance will be required and compliance to International Traffic in Arms Regulations (ITAR). As such, our hiring decisions are based on the key requirements of each role and candidates are selected based on their unique strengths and experiences.
#LI-JAW1

Title:
Senior Information Security Officer - Defence Sector
Your KBR future - delivering solutions and changing the world
About KBR:
We are a company of innovators, thinkers, creators, explorers, volunteers and dreamers who all share one goal - to improve the world.
KBR delivers science, technology and engineering solutions to governments and companies around the world. KBR employs approximately 34,000 people performing diverse, complex, and mission-critical roles in 33 countries.
For 65 years, KBR and its heritage companies are proud to have delivered some of Australia's largest and most complex projects.
With around 2,000 employees in 6 primary offices throughout Australia, we are committed to social and environmental sustainability and delivering projects with a digital mindset driving innovation within our business and for our customers.
We help ensure mission success on land, in the air, at sea, in space and cyberspace for our Defence customers. From individual technologies and services to comprehensive project delivery and mission execution, no other company can match the breadth and depth of KBR.
KBR comprises a talented team who provide a broad spectrum of capabilities across Australia and the Asia Pacific. Our proven project teams readily address complex and multi-disciplinary activities, providing low-risk and cost-effective solutions to the Defence force.
The Opportunity:
KBR is inviting expressions of interest from highly skilled and experienced Senior Information Security Officers to support critical Defence programs based in Brisbane or Canberra.
As a Senior Information Security Officer, you will play a vital role in ensuring the protection of Defence systems, information, and assets, supporting the ongoing delivery of secure, reliable, and compliant Defence capabilities. This is an exciting opportunity to contribute to national security outcomes and work with a diverse team of experts on high-impact Defence projects.
The key responsibilities of the role will include, but is not limited to:
+ Lead the development, implementation, and maintenance of Information Security Management Systems (ISMS) to ensure Defence compliance with ISO 27001, ACSC Essential 8, and Defence Security requirements.
+ Conduct risk assessments and vulnerability management, ensuring appropriate information security controls are in place to protect Defence systems and data across their lifecycle.
+ Develop and enforce information security policies, procedures, and best practices, ensuring Defence IT infrastructure and systems are protected against cyber threats and vulnerabilities.
+ Support the implementation and maintenance of cybersecurity frameworks and ensure compliance with national and international information security standards.
+ Provide expert advice to Defence stakeholders and project teams on information security best practices, emerging threats, and mitigation strategies.
+ Collaborate with cross-functional teams, including Defence security, engineering, and project management, to ensure robust security governance for all Defence programs.
+ Conduct security audits, assessments, and incident response activities to ensure the availability, integrity, and confidentiality of Defence information assets.
+ Maintain awareness of current cybersecurity trends and emerging threats, and continuously update security practices to protect Defence information systems.
As the ideal candidate you will bring:
+ Tertiary qualifications in Information Security, Computer Science, Information Technology, or a related discipline.
+ Minimum 5 years of experience in an Information Security role, ideally within Defence, Government, or similarly regulated industries.
+ Expertise in implementing and managing Information Security Management Systems (ISMS) and conducting security risk assessments.
+ Strong knowledge of Defence security policies, standards, and frameworks, including ISO 27001, NIST, ACSC Essential 8, and DEF(AUST) 3000.
+ Experience with security tools, such as SIEM, firewalls, endpoint protection, and vulnerability scanning tools.
+ Proven ability to communicate effectively with senior stakeholders, providing expert guidance on complex security issues.
+ Australian Citizenship is essential due to security clearance requirements.
+ NV1 security clearance (or the ability to obtain) is highly desirable.
Benefits of KBR
+ A workplace culture certified as a Great Place To Work (Aus, India, UK & US)
+ Flexible working conditions
+ Competitive salary (including annual reviews)
+ Paid Parental leave
+ Paid Reservist leave
+ Income protection
+ Corporate rewards
+ Salary packaging/Novated leasing
+ Discounted employee stock purchase plans
+ Flu shots, skin checks and private health insurance discounts
+ Career development: Online learning, mentorship and career pathways
If you're ready to shape tomorrow, let's get started. Apply Now!
KBR acknowledges the Traditional Custodians of Country throughout Australia and their continuing connections to land, sea, community and culture. We pay our respects to Elders past and present.
As a Major Service Provider of the Australian Defence Force, an AGSVA security clearance will be required and compliance to International Traffic in Arms Regulations (ITAR). As such, our hiring decisions are based on the key requirements of each role and candidates are selected based on their unique strengths and experiences.
#LI-JAW1

**Bring out your best**
SAP innovations help more than four hundred thousand customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with two hundred million users and more than one hundred thousand employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, you can bring out your best.
**What you will do**
The Splunk Engineer will be responsible for maintaining the overall Splunk architecture and the effectiveness and efficiency of the SIEM. This includes proficiency in managing search heads, indexers, deployment servers and heavy forwarders. A strong understanding of Enterprise Security and SOAR is required.
The splunk Engineer will demonstrate advanced knowledge of Splunk Cloud and the configuration of federated search, troubleshoot issues, and provide support for the creation of Splunk search queries and dashboards.
Key Responsibilities Include:
- Manage Splunk and Splunk ES application updates, dashboarding, integrations and health checks.
- Onboard new data/log sources and run queries and searches to inform requests.
- Perform data quality and data model assessments on a periodic basis
- Maintain Heavy Forwarding logging infrastructure.
- Maintain existing on premise Splunk Enterprise and SOAR - including patching, application updates integrations and health checks
- Assist in playbook and automation maintenance also Use Case development
- Investigate technologies to assist with vulnerability analysis and remediation efforts
- Stay up-to-date with the latest security threats, vulnerabilities, and trends.
**What you bring**
+ Relevant certifications such as Splunk Core. Architect, ES and SOAR are preferred.
+ 3 Years of experinece in cybersecurity knowledge of common cybersecurity threats, vulumerabilities, and attack vectors.
+ Proficient in Splunk ES data models and Splunk query language.
+ Experience user of Git/ GitHub, Docker and Kubernetes.
+ Ability to work in a fast-paced , high- pressure environment. Strong problem-solving and analytical skills. Excellent written and verbal communication skills.
+ The splunk engineer will have a good understanding of ITIL processes and tools.
+ Experience administering and/or develping for an enterprise level implementation of Splunk (clustered architecture).
**Meet your team**
What is SAP Sovereign Cloud Services Australia Delivery?
+ Is a cloud offering designed to deliver SAP Intelligent Enterprise cloud solutions within the sovereign boundary of Australia.
+ Aligns to the Australia / New Zealand Public Sector and Critical Infrastructure requirements.
+ Adheres to the information security protection requirements consistent with the PSPF and ISM controls for PROTECTED information.
Mandatory
_Must hold an_ _Australian Government Security Clearance_ _._
#SAPSovereignCloudCareers #SovereignCloudCareers
?
**Bring out your best**
SAP innovations help more than four hundred thousand customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with two hundred million users and more than one hundred thousand employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, you can bring out your best.
**We win with inclusion**
SAP's culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone - regardless of background - feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.
SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team:
For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program, according to the eligibility rules set in the SAP Referral Policy ( . Specific conditions may apply for roles in Vocational Training.
**EOE AA M/F/Vet/Disability:**
Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity, age, gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability.
Successful candidates might be required to undergo a background verification with an external vendor.
Requisition ID: 393565 | Work Area: Information Technology | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time | Additional Locations:
?

With over 17,000 employees worldwide, the mission of the Customer Experience & Success (CE&S) organization is to empower customers to accelerate business value through differentiated customer experiences that leverage Microsoft's products and services, ignited by our people and culture. Come join CE&S and help us build a future where customers achieve their business outcomes faster with technology that does more.
We are looking for a Cloud Solution Architect (CSA), specializing in Data Security who is passionate about driving our customers' security & AI transformation on the Microsoft Platform. Microsoft Data Security Cloud Solution Architects are trusted advisors for customers attempting to secure their entire data estates against internal and external data risk. Microsoft Purview's integrated Data Security services support customers holistically secure data:
+ Protect sensitive information using data classification, sensitivity labelling and encryption capabilities.
+ Manage insider risks by using machine learning to detect potentially malicious usage, extending into adaptive protection to dynamically enforce data security controls.
+ Prevent Data Loss using built in exfiltration policies for Microsoft 365 apps, services and endpoints.
Cloud Solution Architects support customers through the whole adoption lifecycle, through planning, adoption, deployment and optimization. This is a customer-facing role, owning the technical relationship between the customer and Microsoft, helping customers to leverage their Microsoft investments through architecture, implementation, and operational health engagements.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
**Responsibilities**
+ To drive positive customer satisfaction by acting as a trusted advisor to customers. You will be the voice of the customer and required to provide feedback and insights from customers and partners to global security teams at Microsoft, including engineering and product teams.
+ To land an end-to-end value proposition for Security (i.e., Zero Trust), which spans the breadth of Microsoft security offerings, focusing on data security, threat protection, identity/access management and cloud security.
+ To support customers through their adoption lifecycle; from planning to adoption, deployment, followed by optimization. You will support the adoption of Microsoft security products as you lead technical solutioning and nurture customers through their adoption journey.
+ To deliver technical presentations and product demonstrations to customers. You will present options and propose high-level solutions, working with key Microsoft and partner resources to drive deployment and adoption. While engaging with customers, you will identify cross sell, upsell and Microsoft Unified expansion opportunities, handing these off to relevant teams and supporting the opportunities as required.
+ To align your individual skilling to team or area demands and customer success goals. You will utilize Microsoft intellectual property to accelerate customer outcomes, share your expertise with colleagues and contribute to the creation of new IP resources.
+ To lead architectural design sessions to help customers construct plans for implementation of solutions; governing design in line with customer business objectives and their technical environment. The outcome of such sessions being consensus on solution design and next steps toward production deployment.
+ To collaborate and orchestrate complex end-to-end enterprise security solutions with other Cloud Solution Architects and Microsoft stakeholders.
**Qualifications**
**Required/Minimum Qualifications**
+ Bachelor's Degree in Computer Science, Information Technology, Engineering, Business, or related field AND 4+ years experience in cloud/infrastructure technologies, information technology (IT) consulting/support, systems administration, network operations, software development/support, technology solutions, practice development, architecture, and/or consulting
+ OR equivalent experience
**Additional or Preferred Qualifications**
+ Bachelor's Degree in Information Management, or related field and 5+ years' experience in Data / Information Management.
+ Ability to lead strategic customer conversations to educate and guide development of Data Security requirements.
+ Ability to lead strategic customer conversations to develop Data Security Frameworks and solution architecture design.
+ Australian Government security clearances highly beneficial.
+ An interest in new technologies and a willingness to stay ahead of the curve on Microsoft product directions.
+ Experience in Content Services
+ Recognised Data Management or Data Security certification such as:
+ Cloud Data Management Capabilities (CDMC) Certification
+ OR Data Management Capability Assessment Model (DCAM) Certification
+ OR Certified Data Management Professional (DAMA)
+ OR Certified Protection Professional (CCP) or equivalent Protection certification
+ Microsoft certification in one of more of the following:
+ SC-400, SC-100, MS-500, MS-102, SC-300, MS-900, SC-900
+ Programming experiences, using REST API (e.g. C#, Python)
+ Technical Certification in Microsoft 365 and other Cloud technologies (e.g., Azure, Amazon Web Services, Google, security certifications).
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations ( .

Vice President, Incident Response Manager, Global Information Security, Australia
Sydney, Australia
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge
Refer a friend
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge ( Description:**
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
**Your background**
+ Proven experience handling Information Security related events and incidents.
+ Experience in an operations focused role with an emphasis on cyber incident response.
+ Demonstrable experience in the coordination of containment activities related to cyber security incidents.
+ Familiarity with security vulnerabilities exploits and APT tools, techniques, and procedures.
+ Familiarity with network security vulnerabilities, exploits, malware, and digital forensics desirable.
+ An excellent verbal and written communicator who can adapt to their audience.
+ Decisive and can make difficult decisions in what can be a high-pressure environment.
+ Exercise independent judgment in methods, techniques, and evaluation criteria for obtaining results.
+ Able to handle multiple competing priorities in a fast-paced environment and act without causing an undue delay.
+ Supportive and can work well as part of a team as well as independently.
+ Ability to remain calm under pressure.
+ Ability to work in a strong team-orientated environment with a sense of urgency and resilience.
+ Must be able to think outside the box and develop solutions to accomplish seemingly impossible tasks whilst remaining risk and objective focused, with an investigative mindset.
+ Security+ or equivalent certification.
+ GCIH or equivalent certification required within six months of employment.
**What you can expect**
Cyber Incident Response and Management is part of the Cyber Response & Recovery division who provides a globally coordinated and managed response capability for information security events and incidents that may impact the confidentiality, integrity, and/or availability of the Bank's information and information systems or has privacy implications.
The role of the Senior Incident Manager is to coordinate the response and recovery activities from information security incidents. This includes collaboration with appropriate response, assist with determining the root cause of incidents and work with stakeholders and responsible parties to remediate any identified control gaps or failures; Escalate issues to management in a timely manner with appropriate information regarding severity, exposure, and action items; this role requires critical thinking and investigative mindset coupled effective written, and verbal communication skills.
This is a senior role on the team with high visibility at the global level including interacting with and providing direct updates to executives and senior leadership stakeholders. A Senior Incident Manager provides their knowledge and expertise in incident response to lead, mentor, and challenge associates on the team. The team conducts follow-the-sun (FTS) operations which you will work closely with AMRS and APAC regions.
**What you will do**
+ Establish oversight of information security events and cyber incidents and communicate analysis, containment and remediation efforts to all business partners.
+ Cyber incident response and recovery plans will be available to use and should be maintained by the team. Any issues that require management escalation will be expected to be completed in a timely manner including all appropriate information in relation to risk and action times.
+ The Cyber Incident Manager will be expected to provide status updates and post-incident findings for executives and stakeholders in non-technical terms encompassing risk, impact, likelihood, containment and remediation activities and threat actors.
+ Risk management including briefing and recommending actions to executive leadership within Global Information Security and other business partners on events and incidents.
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.
To view the "Know your Rights" poster, CLICK HERE ( .
View the LA County Fair Chance Ordinance ( .
Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.
To view Bank of America's Drug-free Workplace and Alcohol Policy, CLICK HERE .
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work.
This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.