27 Cloud Security jobs in Australia

We're looking for a highly skilled and hands-on Lead Cloud Security Engineer to help secure our cloud environments, with a strong focus on AWS as our primary cloud provider. Azure experience is desirable, and GCP knowledge is a bonus but not mandatory. This role is ideal for someone who thrives in technical environments and enjoys working across cloud platforms to implement robust security solutions.

The day to day

• Review cloud architecture and configurations to ensure alignment with security best practices.
• Conduct risk assessments, threat modelling, and vulnerability analysis across cloud platforms.
• Implement and manage cloud-native security tools, particularly Prisma Cloud CNAPP.
• Design and deploy automated security workflows and remediation processes.
• Collaborate with DevOps and engineering teams to embed security into CI/CD pipelines.
• Respond to and manage cloud-related security incidents.
• Develop and enforce cloud security policies, standards, and controls.
• Provide expert guidance and support to teams on cloud security principles and practices.

What makes you a great fit?

• Degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• Cloud security certifications (AWS, Azure, or GCP); AWS Security Certification preferred.
• Strong hands-on experience with AWS; familiarity with Azure and GCP is a plus.
• Experience with infrastructure-as-code tools such as Terraform, CloudFormation, or Ansible.
• Proven experience securing CI/CD pipelines using tools like Jenkins, Bamboo, or similar.
• Proficiency in scripting languages such as Python, PowerShell, or Bash.
• Familiarity with container technologies including Docker and Kubernetes.
• Solid understanding of common application security threats (e.g., SQL injection, XSS).
• Experience with Prisma Cloud CNAPP would be highly beneficial.
• Strong communication and stakeholder engagement skills.

Perks we love at Optus

• 3 days in the office, 2 days remote - with flexible hours to suit!
• Discounts to Optus products and services
• Vibrant and collaborative office campus that includes cafes, convenient store, chill out zones, GP, post office, gym, and an on-site childcare centre.
• Inclusive gender neutral paid Parental Leave of up to 16 weeks
• Competitive leave including 2 additional 'Connected Leave' days
• All Optus employees have access to resources, webinars and support via the ‘Parents at Work portal'
• Own your own growth by accessing an extensive online and facilitator led learning catalogue.
• Novated car leasing, and other financial benefits
• Connect at work through our employee-led volunteer groups: Culture Connect, Elevate Women, Disability Network, Express Yourself (LGBTQIA+), United Veterans, Yarn Network, Wellbeing Network and Young Professionals.

Keen to see what it's really like to work at Optus? Search #OptusLife on LinkedIn to go behind the scenes!

At Optus, we are strengthened by others and that means valuing diversity and saying ‘yes' to embracing individual differences. We are committed to ensuring that our application process provides an equal employment opportunity to all job seekers, including individuals from diverse gender, cultural and linguistic backgrounds, individuals with a disability, individuals identifying as being part of the LGBTQIA+ community, individuals who may have served in the armed forces or who identify as Aboriginal and/or Torres Strait Islander. We also want to do our best to make our recruitment process inclusive. If you require any adjustments or accessibility support to participate fairly and equitably in the recruitment process, please email ***@optus.com.au or call . We're here to help. When you contact us, please advise your preferred method of contact and we will be in touch within 48 hours.

For more information on Diversity, Inclusion & Belonging at Optus, please visit

**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**The role:**
The Senior Technical Consultant: Cloud Security is an advanced subject matter expert involved in highly complex environments, focusing on design, deployment, integration, and configuration of cloud security solutions.
You will be responsible for providing expert-level guidance and strategic direction to clients in assessing, designing, and implementing cloud technologies from a security standpoint. This role emphasis deep technical expertise, technical leadership, whilst at the same time developing business acumen.
**Key responsibilities:**
+ Consult with clients and design solutions across a broad range of cyber security topics to support clients' business strategies
+ Coordinate activities of engineers, leading by example and monitoring the quality of work when required
+ Write reports and proposals, complete and maintain project documentation
+ Act as a coach and mentor to junior engineers and consultants
+ Take ownership of relevant technologies within your domain or area of specialiszation
+ Engage with vendors to escalate critical issues or report bugs found during deployments
+ Collaborate with sales and presales teams to define project scope, delivery plans, and resource requirements aligned with client goals
+ Actively promote NTT DATA's services to support business growth
+ Perform any other related task as required
**To thrive in this role, you need to have:**
+ An advanced understanding and appreciation of technical design and business principles
+ Strong project fundamental and administration ability
+ Demonstrated expertise in project execution
+ Advanced customer engagement skills
+ Deep knowledge and specialisation in relevant technical domains
+ Excellent verbal communication skills
+ A client focus mindset with a a proactive approach to problem solving
+ Advanced ability to coach, mentor, and provide guidance to team members
+ The ability to take ownership as a technical lead throughout the project lifecycle
**Qualifications and Certifications:**
+ Bachelor's degree or equivalent in Information Technology, Computing or related field.
+ Cloud certifications (mandatory): AZ-500, MS-500, SC-100, SC-300, AWS Solution Architect/Security, or Google Professional Cloud Security Engineer
+ Additional certifications/experience (highly preferred): Cortex Cloud/Prisma Cloud, Wiz, or Defender for Cloud
+ Automation, Security Operations, and Network Security certifications (preferred): Azure Certified DevOps Engineer, Azure Certified Solutions Architect, Palo Alto Networks certifications, Cisco Security certifications
+ CISSP, CISM, CCSP, CISA, ITIL - highly preferred
**Required experience:**
+ Advanced experience in M365, Azure, AWS or GCP, including security patterns and best practices, design, and assessment.
+ Advanced experience with Defender for Cloud, or Prisma Cloud, or Wiz
+ Deep understanding of security frameworks and compliance standards such as NIST, ISO 27001, ISM, and ASD Blueprints
+ Advanced experience in configuration and management of cloud security controls.
+ Advanced experience in log collection configuration, MS Sentinel/Splunk/XSIAM configuration
+ Experience with various security technologies and solutions like Identity Management, Firewall, Endpoint Protection, SASE, API Protection.
+ Experience in Infrastructure as a Code (IaC), automation, and DevOps pipeline configuration.
+ Experience in scripting languages such as Python or PowerShell, and experience with automation tools like Ansible, Puppet, or Chef.
+ Experience in writing technical documentation, designing patterns, implementation and testing of cloud solutions, technical support to clients.
+ Experience in handling security incidents
#L1-APAC
**Workplace type** **:**
Hybrid Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**The role:**
The Senior Technical Consultant: Cloud Security is an advanced subject matter expert involved in highly complex environments, focusing on design, deployment, integration, and configuration of cloud security solutions.
You will be responsible for providing expert-level guidance and strategic direction to clients in assessing, designing, and implementing cloud technologies from a security standpoint. This role emphasis deep technical expertise, technical leadership, whilst at the same time developing business acumen.
**Key responsibilities:**
+ Consult with clients and design solutions across a broad range of cyber security topics to support clients' business strategies
+ Coordinate activities of engineers, leading by example and monitoring the quality of work when required
+ Write reports and proposals, complete and maintain project documentation
+ Act as a coach and mentor to junior engineers and consultants
+ Take ownership of relevant technologies within your domain or area of specialiszation
+ Engage with vendors to escalate critical issues or report bugs found during deployments
+ Collaborate with sales and presales teams to define project scope, delivery plans, and resource requirements aligned with client goals
+ Actively promote NTT DATA's services to support business growth
+ Perform any other related task as required
**To thrive in this role, you need to have:**
+ An advanced understanding and appreciation of technical design and business principles
+ Strong project fundamental and administration ability
+ Demonstrated expertise in project execution
+ Advanced customer engagement skills
+ Deep knowledge and specialisation in relevant technical domains
+ Excellent verbal communication skills
+ A client focus mindset with a a proactive approach to problem solving
+ Advanced ability to coach, mentor, and provide guidance to team members
+ The ability to take ownership as a technical lead throughout the project lifecycle
**Qualifications and Certifications:**
+ Bachelor's degree or equivalent in Information Technology, Computing or related field.
+ Cloud certifications (mandatory): AZ-500, MS-500, SC-100, SC-300, AWS Solution Architect/Security, or Google Professional Cloud Security Engineer
+ Additional certifications/experience (highly preferred): Cortex Cloud/Prisma Cloud, Wiz, or Defender for Cloud
+ Automation, Security Operations, and Network Security certifications (preferred): Azure Certified DevOps Engineer, Azure Certified Solutions Architect, Palo Alto Networks certifications, Cisco Security certifications
+ CISSP, CISM, CCSP, CISA, ITIL - highly preferred
**Required experience:**
+ Advanced experience in M365, Azure, AWS or GCP, including security patterns and best practices, design, and assessment.
+ Advanced experience with Defender for Cloud, or Prisma Cloud, or Wiz
+ Deep understanding of security frameworks and compliance standards such as NIST, ISO 27001, ISM, and ASD Blueprints
+ Advanced experience in configuration and management of cloud security controls.
+ Advanced experience in log collection configuration, MS Sentinel/Splunk/XSIAM configuration
+ Experience with various security technologies and solutions like Identity Management, Firewall, Endpoint Protection, SASE, API Protection.
+ Experience in Infrastructure as a Code (IaC), automation, and DevOps pipeline configuration.
+ Experience in scripting languages such as Python or PowerShell, and experience with automation tools like Ansible, Puppet, or Chef.
+ Experience in writing technical documentation, designing patterns, implementation and testing of cloud solutions, technical support to clients.
+ Experience in handling security incidents
#L1-APAC
**Workplace type** **:**
Hybrid Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Vice President, BISO, Senior Cloud Security Specialist, Global Information Security, Australia
Sydney, Australia
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge
Refer a friend
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge ( Description:**
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
**Job Overview:**
The Cloud Security Specialist is responsible for designing, implementing, and managing security controls across multi-cloud environments, with a specific emphasis on Azure and AWS platforms, to ensure the protection of organizational data and systems. This role requires deep expertise in cloud security, architecture principles, and industry standards. The ideal candidate will work closely with various teams to ensure the security of cloud-based applications, data, and infrastructure.
**Key Responsibilities:**
+ Lead the design and implementation of secure cloud architectures and solutions, ensuring alignment with business objectives and security requirements.
+ Maintain and update risk registers and ensure continuous monitoring of cloud security risks.
+ Act as a liaison between the security team and other departments to promote a security-first culture.
+ Security Controls -
+ Define and implement security controls and policies for cloud environments, ensuring compliance with industry standards (e.g., ISO 27001, NIST, GDPR, HIPAA) and bank security policies.
+ Continuously improve security controls and processes to enhance the organization's security posture.
+ Develop and maintain documentation for security controls, policies, and procedures.
+ Policy as Code (PaC) Implementation -
+ Policies are increasingly managed as code, requiring developers skilled in scripting and programming to define, customize, and automate these policies using tools like HashiCorp Sentinel, Open Policy Agent (OPA), and Terraform.
+ Integration with CI/CD Pipelines -
+ Developers ensure that security policies are embedded in CI/CD workflows to enforce compliance during the development and deployment phases.
+ Custom Solutions Development -
+ Off-the-shelf security tools often need customization to fit organizational requirements. Developers can write custom modules, scripts, or extensions to adapt these tools effectively.
+ Collaboration with Security Teams -
+ Developers act as a bridge between security and DevOps teams, ensuring that security policies align with operational workflows without hindering development agility.
+ Governance and Regulatory Compliance -
+ Conduct regular security assessments and audits of cloud environments to identify and mitigate risks.
+ Conduct risk assessments to identify potential security threats and vulnerabilities in cloud environments.
+ Evidence Package Creation - Package evidence of security policies deployment and effectiveness proving to non-technical audience, Audit and Governance Teams, the effectiveness of security policies.
+ Participate in internal and external audits to demonstrate compliance with cloud security requirements.
**Required Skills:**
+ 5 years of experience in cloud security.
+ Currently hold active AWS Security Specialty or Azure AZ-500 certification.
+ In-depth understanding of cloud security principles, best practices, and industry frameworks such as OWASP Top 10, NIST, CSA, CIS benchmarks.
+ Familiarity in programming and scripting languages such as Python, TF, Go, or JavaScript.
+ Experience building and implementing IaC/PaC governance strategies with appropriate tooling (e.g., Terraform, CloudFormation, OPA, HashiCorp Sentinel, etc.).
+ Strong understanding of CI/CD pipelines and DevOps practices.
+ Hands-on experience with cloud-native and third-party security solutions, including Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWPP).
+ Demonstrated capability to translate technical information into a format that a non-technical audience will understand and clear communication skills.
**Desired Skills:**
+ Relevant industry certifications such as ISC2 and SANS GIAC are highly desirable.
+ Strong communication and interpersonal skills to work effectively with cross-functional teams.
+ Ability to manage multiple projects and priorities in a fast-paced environment.
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.
To view the "Know your Rights" poster, CLICK HERE ( .
View the LA County Fair Chance Ordinance ( .
Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work.
This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

Vice President, Cloud Security Lead DevOps Engineer
Sydney, Australia
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge
Refer a friend
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge ( Description:**
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
Bank of America is currently seeking an experienced Cloud Security Lead DevOps Engineer to support our mission of providing secure, reliable, and innovative cloud solutions to our clients.
The Cloud Security Lead works to deliver high-quality cloud solutions and helps drive a strong DevSecOps culture. As part of the Cloud Operations team, you will be responsible for the operations, development, deployment, and architecture of our cloud infrastructure.
Ensure that the CSO's operational processes, from incident response to threat intelligence, are optimized for cloud environments and adhere to the strategic direction, with a focus on leveraging cloud-native security capabilities.
You will be expected to share the escalation of on-call investigations and provide leadership for incident response. Working closely with our development teams you will be a champion of DevSecOps best practices including CI/CD, Infrastructure as code, containerization, microservice architecture, automated testing, and security.
Primary Responsibilities
+ Collaborate with Developers to build a world-class infrastructure that can meet our customer's security and uptime requirements
+ Act as a key contributor to the development of our developer and CI/CD processes to improve our developer agility and code quality
+ Approve release for CI/CD DevSecOps (implementation engineering)
+ Manage CI/CD and pipeline for incident response
+ Lead CSO incident response, drive recovery actives and support post incident processes
+ Manage mission-critical cloud-based production systems; proactively take action if/when systems are down or there are interruptions in service; root cause and implement corrective actions to build long-term customer loyalty
+ Develop and improve processes and procedures for the CSO team
+ Ensure compliance to Service Level Agreements (SLA), process adherence
+ Create compliance reports, support the audit process, measure CSO performance metrics
+ Help to identify emerging technologies & security practices that can enhance our offering to our customers
+ Be passionate about security, automation, quality, and reliability.
+ Report on security operations to business leaders
Required Skills
+ Knowledge of AWS and its associated technologies, both from Security and Cloud Ops perspective (Guard Duty, Control Tower, etc.)
+ Knowledge of Terraform
+ Experience taking vulnerabilities that are generated from 3rd Party scanning, do the analysis, determine remediation and implement remediation on lower environments. Validate fix, follow process to get that on to Production.
+ Experience with Incident Management and crisis management
+ Maintain smooth operation of multi-user computer systems, including coordination with network, software, and system engineers, PC desktop technicians, project managers, end users, and customer and IT management.
+ Recommend and implement system enhancements that will improve the performance and reliability of the system including installing, upgrading/patching, monitoring, problem resolution, and configuration management.
+ Experience with Azure Security Center, Google Cloud Security
+ Understanding of networking systems, security vulnerabilities, exploits and attack, s
+ Basic understanding of threat frameworks, such as ATT&CK.
+ Understanding of Risk Management principles.
+ Experience in building, configuring, operating and/or securing cloud infrastructure and applications in a CSP utilizing either native capabilities or 3rd party vendor tools.
+ Ability to independently assess risks and identify vulnerabilities in infrastructure with an eagerness to suggest new processes, policies, and overall improvements to internal security controls.
+ Ensure new releases of products are compatible, aligned to CSO strategy and properly onboarded to operations practices.
+ Develop and document technical processes and procedures as needed. Provide technical assistance and support for incoming queries and issues related to computer systems, software, and hardware.
+ Minimum 3+ years in Cloud Technologies preferably AWS
+ Minimum 3+ years of experience with deployment orchestration systems such as Kubernetes, ECS, and Elastic Beanstalk
+ Minimum 2+ years of experience working with CI/CD tools such as CircleCI or Jenkins
+ Minimum 2+ years of experience with Docker and Docker-Compose
+ Minimum 4+ years with configuration management and automation tools (e.g., Puppet, Ansible, Chef, CloudFormation, SaltStack, Terraform)
+ Strong Linux system administration experience
+ Strong programming experience in at least one language (python, node, java, go, c/c++, ruby)
+ Experience with logging and monitoring tools such as ELK, DataDog or NewRelic, LogEntries, SumoLogic, etc.
+ Able to participate in 24/7 incident response escalation.
+ Strong written and verbal communication skills
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.
To view the "Know your Rights" poster, CLICK HERE ( .
View the LA County Fair Chance Ordinance ( .
Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work.
This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

0403 - Chief Information Security OfficerPower and Water Corporation (NT Government)CitizenDarwin (fulltime onsite)6 months + 6 monthsRequirement:The Chief Information Security Officer will work in collaboration with the GM Technology & Systems with key responsibilities for the:• Assessment of cyber security strategy, policies and posture across IT and OT• Risk and threat landscape assessment across critical infrastructure• Development of strategic roadmap incorporating regulatory requirements (SOCI SP-2), emerging threats and business goals• Alignment with business resilience, operational continuity and digital transformation programs• Assessment of IT/OT cyber security integration, including convergence challenges and maturity levels• Assessment of team structure to support current and future cyber programs and operations• Review of cyber security service providers, including assessment of current gap in cyber services• Provide mentoring and development plans for cyber teams• Deliver cybersecurity briefings and updates to senior managers as required• Provide regular strategic position monthly reports and final report with uplift recommendations SKILLS, KNOWLEDGE AND EXPERIENCEESSENTIAL• Strong leadership and proven ability to lead diverse teams• Experience in cyber team right sizing• Experience in working with service providers to improve cyber resilience• Over 10 years’ experience in cyber security within corporate organisations• Detailed understanding of cyber security frameworks and standards including regulatory and legal knowledge• Certified Information Systems Security Professional (CISSP) or equivalent accreditation• Utility company experience with active participation in cyber security strategy and operational initiatives• Experience in the successful implementation of OT projects and initiatives across critical infrastructure• Detailed knowledge of the SOCI Act and risk management obligations• Strong leadership and executive influencing skills DESIRABLE• Strong program and portfolio management skills• Good knowledge of IT and OT Networks and associated security challenges• Knowledge of SCADA, Cloud, AI platforms and emerging technology• Strong presentation and report writing skills MINIMUM EXPERIENCE• The suitable candidate MUST have a minimum of 10 years as Chief Information Security Officer preferably in a utility organisation

About the Role
Our client is a national organisation investing in both cyber resilience and infrastructure modernisation.

This is a hybrid role where you’ll spend part of your week embedded in ISO/NIST compliance, security operations, and vendor management, while also rolling up your sleeves across Azure cloud and endpoint environments. At the same time, you’ll provide forward-looking insights to help shape the organisation’s security and infrastructure strategy, leveraging your experience on what ‘good’ looks like.

You’ll manage a small team of 1 x Network Engineer and 1 x Cloud Engineer, plus mentor a junior EUC/SecOps resource one day per week.

Broader IT sits at around 12 people, with this role reporting into the Executive GM, Digital.

It’s a hands-on role that’s an exciting mix of operational leadership, project delivery, and strategic influence, with enterprise visibility and the chance to make a tangible impact.

Key Responsibilities

• Hands-On Security & ISO
• Actively drive ISO 27001 compliance and maturity uplift towards NIST standards
• Conduct audits, risk assessments, and governance reviews
• Lead day-to-day security operations: vulnerability management, patching, and incident response
• Manage deployment and optimisation of CrowdStrike, Defender, and Fortinet
• Infrastructure Leadership
• Be hands-on in managing Azure cloud environments and infrastructure operations
• Oversee projects such as Windows 11 upgrades, Teams Calling rollout, and Azure DevOps adoption
• Ensure patching, endpoint lifecycle, and vendor-delivered services run smoothly
• Optimise and automate processes where possible
• Strategic Contribution
• Provide insight and recommendations on future security and infrastructure strategy
• Advise the Executive GM, Digital on risk, investment priorities, and emerging technologies
• Help shape the roadmap for cyber maturity and infrastructure uplift
• Team & Vendor Management.
• Manage and coach Network and Cloud Engineers; mentor a junior EUC/SecOps staff member
• Collaborate closely with the broader 12-person IT team in a knowledge-sharing, team-first culture
• Lead vendor relationships to ensure value, accountability, and quality delivery.

Must Haves

• Proven hands-on experience delivering ISO 27001 compliance & audits
• Strong technical expertise in Microsoft Azure infrastructure
• Practical knowledge of CrowdStrike, Defender, Fortinet, and vulnerability management
• Deep experience in patching, asset lifecycle, and endpoint operations
• Vendor management capability across infrastructure and security domains
• Leadership experience managing engineers and mentoring junior staff
• Excellent communication skills - able to explain technical detail while influencing strategy

Nice to Have

• Experience uplifting to NIST compliance maturity
• Certifications such as CISSP, CISM, ISO 27001 Lead Implementer/Auditor, or Azure certs
• Track record delivering IT projects in industrial, logistics, or critical infrastructure environments

Why Apply?

• Hybrid role combining hands-on delivery with strategic influence
• Direct line to the Executive GM, Digital, with enterprise-wide visibility
• Lead projects including Windows 11, Teams Calling, Azure DevOps
• Shape the organisation’s journey towards NIST maturity
• Manage and mentor a small but high-impact team, with broader IT collaboration
• Perth-based with hybrid flexibility (2–3 days onsite)

The mission of the Customer Experience & Success (CE&S) organization is to empower customers to accelerate business value through differentiated customer experiences that leverage Microsoft's products and services ignited by our people and culture. Come join CE&S and help us build a future where customers achieve their business outcomes faster with technology that does more.
We are looking for a Cloud Solution Architect (CSA), specializing in Security/Defender for Endpoint who is passionate about driving our customers' security & AI transformation on the Microsoft Platform. This is a customer-facing role, owning the technical relationship between the customer and Microsoft, helping customers to leverage their Microsoft investments through architecture, implementation, and operational health engagements.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
**Responsibilities**
You will drive positive Customer Satisfaction and become a trusted advisor and provide feedback and insights from customers/partners and be the Voice of Customer to share insights and best practices, connect with Global Security teams at Microsoft, Engineering and Product teams to remove blockers and influence the solution roadmap.
- You will land an end-to-end value prop for Security (i.e., Zero Trust) which spans the breadth of Microsoft Security offerings, and with focus on Threat Protection / Defender for Endpoint across Windows, macOS, Linux, Android, and iOS devices and Cloud Security.
- You will support customers through the adoption lifecycle, through planning, adoption, deployment and optimization as you support increasing drive of Microsoft security products utilization as you lead technical solutioning and nurturing across the customer journey.
- You will deliver technical presentations & demos and propose high-level solutions and work with key Microsoft and Partner resources to drive deployment & customer adoption of Threat Protection, Integration with Microsoft ecosystem (Intune, Azure AD, Sentinel) simplifies deployment and management and Cloud Security cross sell/upsell/Unified opportunities through customer engagement.
- You will align your individual skilling to team/area demands and Customer Success goals and accelerate customer outcomes - Share expertise, contribute to IP creation & re-use to accelerate customer outcomes.
- Run Architectural Design Session to build a plan for implementing the solution - governing design in line with customer business goals and their technical environment. Outcome is consensus on solution design and next steps toward production.
- Collaborate and orchestrate with other Cloud Solution Architects and MS stakeholders including FastTrack, partner, and Microsoft Consulting in developing complex end-to-end Enterprise solutions with the Microsoft Security platform.
**Qualifications**
Required Qualifications:
+ Bachelor's Degree in Computer Science, Information Technology, Engineering, Business, or related field AND
+ 2+ years experience in cloud/infrastructure technologies, information technology (IT) consulting/support, systems administration, network operations, software development/support, technology solutions, practice development, architecture, and/or consulting OR equivalent experience
Preferred Qualifications:
+ 2+ years experience working in a customer-facing role (e.g., internal and/or external)
+ 4+ years experience working on technical projectsTechnical Certification in Cloud (e.g., Azure, Amazon Web Services, Google, security certifications)
Threat protection, SIEM and Incident Response; Extended Detection and Response (XDR); Security Orchestration, Automation, and Response (SOAR); Security Operation Center Management; Identity and Access Management; Cloud Infrastructure; Cloud Security; Data Security; Certification in one or more of the following technologies preferred: Microsoft 365 Security Administrator, Microsoft Security Operations, Cloud Security, CCSP, CEH, OSCP, GSEC.
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations ( .

**Overview**
The mission of the Customer Experience & Success (CE&S) organization is to empower customers to accelerate business value through differentiated customer experiences that leverage Microsoft's products and services ignited by our people and culture. Come join CE&S and help us build a future where customers achieve their business outcomes faster with technology that does more.
We are looking for a Cloud Solution Architect (CSA), specializing in Security/Identity/Access Management (EntraID P2) who is passionate about driving our customers' security & AI transformation on the Microsoft Platform. This is a customer-facing role, owning the technical relationship between the customer and Microsoft, helping customers to leverage their Microsoft investments through architecture, implementation, and operational health engagements.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
**Responsibilities**
You will drive positive Customer Satisfaction and become a trusted advisor and provide feedback and insights from customers/partners and be the Voice of Customer to share insights and best practices, connect with Global Security teams at Microsoft, Engineering and Product teams to remove blockers and influence the solution roadmap.
- You will land an end-to-end value prop for Security (i.e., Zero Trust) which spans the breadth of Microsoft Security offerings, and with focus on Threat Protection, Identity and Access Management (EntraID P2) and Cloud Security.
- You will support customers through the adoption lifecycle, through planning, adoption, deployment and optimization as you support increasing drive of Microsoft security products utilization as you lead technical solutioning and nurturing across the customer journey.
- You will deliver technical presentations & demos and propose high-level solutions and work with key Microsoft and Partner resources to drive deployment & customer adoption Threat Protection , Identity + Access Management (EntraID P2) and Cloud Security cross sell/upsell/Unified opportunities through customer engagement.
- You will align your individual skilling to team/area demands and Customer Success goals and accelerate customer outcomes - Share expertise, contribute to IP creation & re-use to accelerate customer outcomes.
- Run Architectural Design Session to build a plan for implementing the solution - governing design in line with customer business goals and their technical environment. Outcome is consensus on solution design and next steps toward production.
- Collaborate and orchestrate with other Cloud Solution Architects and MS stakeholders including FastTrack, partner, and Microsoft Consulting in developing complex end-to-end Enterprise solutions with the Microsoft Security platform.
**Qualifications**
Required Qualifications:
+ Bachelor's Degree in Computer Science, Information Technology, Engineering, Business, or related field AND
+ 4+ years experience in cloud/infrastructure technologies, information technology (IT) consulting/support, systems administration, network operations, software development/support, technology solutions, practice development, architecture, and/or consulting OR equivalent experience
Preferred Qualifications:
+ 4+ years experience working in a customer-facing role (e.g., internal and/or external)
+ 4+ years experience working on technical projects
+ Technical Certification in Cloud (e.g., Azure, Amazon Web Services, Google, security certifications)
Certification in one or more of the following technologies preferred:
Microsoft Security Fundamentals (SC-900), Microsoft Certified (SC-300), Microsoft Cybersecurity Architect (SC-100), Certified Cloud Security Professional (CCSP), Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC).
Subject matter expert in 2 or more of the following areas:
Threat protection, SIEM and Incident Response; Extended Detection and Response (XDR); Security Operation Center Management; Identity and Access Management; Cloud Security
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations ( .