42 IT Security Specialist jobs in Australia

Description
Amazon Web Services (AWS) is the leading cloud service provider, providing virtualised infrastructure, storage, networking, messaging, and many other services to customers all over the world, including government customers. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises to large government customers, run their operations and applications on AWS' highly secure infrastructure.
AWS Security is looking for a highly talented and motivated Physical Security Specialist to work with our team, designing the secure facilities to maximize the effectiveness of the physical security program. The duties include extra-low voltage system design and engineering, working with the architectural and engineering teams to assure security best practices are observed, drafting new systems into the design teams build plans, and coordinating with physical security leaders to understand the new build and security system designs, adhering to an approved products list. A successful candidate will be responsible for interpretation of Risk Assessments and Threat Analysis and Physical Security Standards to assure the proper security technologies are selected to meet the unique challenges to be found in a sensitive security program.
Key job responsibilities
This role will be expected to provide in-depth security advice on the physical security architecture for the organisation. You will draw upon your strong knowledge as well as invent and innovate in the course of your duties. Key responsibilities may include:
* Lead the physical security architecture elements on a sensitive program.
* Create and communicate detailed physical security system designs and guidance to ensure compliance with government policies and frameworks.
* Subject matter expertise to support the AWS Security leadership and other security teams, with a focus on physical security.
* Physical / Protective Security Risk, Threat, and Vulnerability Management.
* Management and implement Physical security risk, threat, and vulnerability deliverables - e.g. internal and external audit items, security deliverables annual PSPF Self-assessment and ASD Cyber Survey.
* Preparation of executive level presentation packs, briefings, papers and reports to various internal and external governance bodies and stakeholders.
* Develop, oversee, and review protective security policies, procedures, processes, guidelines, forms and templates relating to protective security and day to day protective security operations.
* Identify vulnerable processes and systems and provide advice and support for the remediation of security risk and reduce exposure to security threats to support the rollout of new assets.
* Engage with and work collaboratively with stakeholders across AWS and externally, in relation to compliance obligations, e.g. PSPF and ISM.
Hold or be able to attain an Australian Government Security Vetting Agency clearance (see day in the life
Engineers in this role must show exemplary judgment in making technical trade-offs between short versus long term security and business goals. They must also demonstrate resilience and navigate difficult situations with composure and tact. Conflicts should be addressed by listening, finding the best way forward and persuading one's colleagues. Successful engineers in this role will regularly analyze their own performance with a critical eye. A broad understanding of the AWS business and its interconnections is required. This position will also provide training, advice, and mentorship to other engineers throughout AWS.
About the team
About the team
Diverse Experiences
AWS values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
The team is comprised of security professionals with a cross section of national security and private sector experience, providing a range of perspectives required for creative problem solving. We value diversity of thought, creativity, and a strong Bias for Action and Earn Trust. We believe that there are no "perfect" security solutions and we develop and iterate using a continuous improvement process.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Inclusive Team Culture
AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.
Mentorship & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
Basic Qualifications
* Degree in Architectural, Electrical Engineering, or Physical Security or equivalent experience in a related security field.
* 5+ years' experience with one or more drafting technologies such as, AutoCad, BlueBeam and others.
* Proficient with government security frameworks, policies and standards (e.g. PSPF, ISM, DSPF. ASD Essential Eight)
Preferred Qualifications
* Physical Security Design experience in corrections, military, government, or museum environments.
* PSP, CPP, PMP Certification
* CPTED Certification
* Proven ability to not only influence but lead business partners and supporting teams
Acknowledgement of country:
In the spirit of reconciliation Amazon acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.
IDE statement:
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

Vice President, BISO, Senior Cloud Security Specialist, Global Information Security, Australia
Sydney, Australia
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge
Refer a friend
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge ( Description:**
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
**Job Overview:**
The Cloud Security Specialist is responsible for designing, implementing, and managing security controls across multi-cloud environments, with a specific emphasis on Azure and AWS platforms, to ensure the protection of organizational data and systems. This role requires deep expertise in cloud security, architecture principles, and industry standards. The ideal candidate will work closely with various teams to ensure the security of cloud-based applications, data, and infrastructure.
**Key Responsibilities:**
+ Lead the design and implementation of secure cloud architectures and solutions, ensuring alignment with business objectives and security requirements.
+ Maintain and update risk registers and ensure continuous monitoring of cloud security risks.
+ Act as a liaison between the security team and other departments to promote a security-first culture.
+ Security Controls -
+ Define and implement security controls and policies for cloud environments, ensuring compliance with industry standards (e.g., ISO 27001, NIST, GDPR, HIPAA) and bank security policies.
+ Continuously improve security controls and processes to enhance the organization's security posture.
+ Develop and maintain documentation for security controls, policies, and procedures.
+ Policy as Code (PaC) Implementation -
+ Policies are increasingly managed as code, requiring developers skilled in scripting and programming to define, customize, and automate these policies using tools like HashiCorp Sentinel, Open Policy Agent (OPA), and Terraform.
+ Integration with CI/CD Pipelines -
+ Developers ensure that security policies are embedded in CI/CD workflows to enforce compliance during the development and deployment phases.
+ Custom Solutions Development -
+ Off-the-shelf security tools often need customization to fit organizational requirements. Developers can write custom modules, scripts, or extensions to adapt these tools effectively.
+ Collaboration with Security Teams -
+ Developers act as a bridge between security and DevOps teams, ensuring that security policies align with operational workflows without hindering development agility.
+ Governance and Regulatory Compliance -
+ Conduct regular security assessments and audits of cloud environments to identify and mitigate risks.
+ Conduct risk assessments to identify potential security threats and vulnerabilities in cloud environments.
+ Evidence Package Creation - Package evidence of security policies deployment and effectiveness proving to non-technical audience, Audit and Governance Teams, the effectiveness of security policies.
+ Participate in internal and external audits to demonstrate compliance with cloud security requirements.
**Required Skills:**
+ 5 years of experience in cloud security.
+ Currently hold active AWS Security Specialty or Azure AZ-500 certification.
+ In-depth understanding of cloud security principles, best practices, and industry frameworks such as OWASP Top 10, NIST, CSA, CIS benchmarks.
+ Familiarity in programming and scripting languages such as Python, TF, Go, or JavaScript.
+ Experience building and implementing IaC/PaC governance strategies with appropriate tooling (e.g., Terraform, CloudFormation, OPA, HashiCorp Sentinel, etc.).
+ Strong understanding of CI/CD pipelines and DevOps practices.
+ Hands-on experience with cloud-native and third-party security solutions, including Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWPP).
+ Demonstrated capability to translate technical information into a format that a non-technical audience will understand and clear communication skills.
**Desired Skills:**
+ Relevant industry certifications such as ISC2 and SANS GIAC are highly desirable.
+ Strong communication and interpersonal skills to work effectively with cross-functional teams.
+ Ability to manage multiple projects and priorities in a fast-paced environment.
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.
To view the "Know your Rights" poster, CLICK HERE ( .
View the LA County Fair Chance Ordinance ( .
Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work.
This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

**Introduction**
The Cyber Security SIEM Specialist is responsible for the day-to-day management, monitoring, and analysis of security information and event management (SIEM) tools within the organization. This role requires a highly skilled individual who can leverage SAP ETD and Microsoft Sentinel to detect, respond to, and mitigate cyber threats in real-time, ensuring the confidentiality, integrity, and availability of critical data and systems.
**Your role and responsibilities**
* Monitor, analyse, and manage alerts generated by SAP ETD and Microsoft Sentinel, investigating potential security incidents.
* Develop and maintain effective security policies, procedures, and guidelines related to SIEM operations.
* Utilise SIEM dashboards, reports, and visualizations to communicate security status to stakeholders.
* Conduct regular security audits and assessments to ensure the SIEM solution is optimally configured and aligned with current threat landscapes.
* Drive continuous improvement initiatives to enhance SIEM capabilities and response efficacy.
* Stay updated on the latest cybersecurity threats, attack patterns, and mitigation strategies.
* Ensure compliance with relevant industry regulations and standards
**Required technical and professional expertise**
* Must have an active AGSVA Baseline Clearance, preferred to have AGSVA NV1 Clearance or be eligible to obtain one.
* Must be an Australian Citizen
* Mandatory to be on site 5 days a week.
* Bachelor's degree in Computer Science, Information Security, or a related field.
**Preferred technical and professional experience**
* Minimum of 5 years of professional experience in SIEM administration, ideally with both SAP ETD and Microsoft Sentinel.
* Certified Information Systems Security Professional (CISSP) or similar certifications are strongly preferred.
* Proven expertise in threat detection, incident response, and security event management.
* Strong understanding of network security, cloud security, and cyber threat intelligence.
* Excellent analytical, problem-solving, and communication skills.
* Ability to work independently and as part of a dynamic team, often under pressure and tight deadlines.
IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day and we need you as a **Senior Network Security Automation Engineer** .
Microsoft's Cloud Operations & Innovation (CO+I) is the engine that powers our cloud services. As a Senior Cyber Security Engineer, you will perform a key role in delivering the core infrastructure and foundational technologies for Microsoft's online services including Bing, Office 365, Xbox, OneDrive, and the Microsoft Azure platform. You will drive our technology strategy, lead by example, and support team members on their learning journey. You will implement and operate modern cloud and on premises cybersecurity controls to defend Microsoft datacenter critical infrastructure from threat actors. Leveraging multiple solutions and partnering with internal and external teams, you will be at the forefront of advancing industrial network cybersecurity capabilities.
Through on the job learning and bi-directional mentorship, this opportunity will allow you to gain cyber defense, automation, and networking skills and experiences that are rare in both networking and security organizations, and in high demand across multiple industries. This is a flexible work opportunity for you to work from home partially or fully if desired.
As a group, CO+I is focused on personal and professional development for all employees and offers trainings and growth opportunities including Career Rotation Programs, Diversity & Inclusion trainings and events, and professional certifications.
Our infrastructure is comprised of a large global portfolio of more than 100 datacenters and 1 million servers. Our foundation is built upon and managed by a team of subject matter experts working to support services for more than 1 billion customers and 20 million businesses in over 90 countries worldwide.
With environmental sustainability and optimization at the forefront of our datacenter design and operations, we continue to grow and evolve as we meet the ever-changing business demands that hold Microsoft as a world-class cloud provider.
Do you want to empower billions across the world? Come and join us in CO+I and be at the forefront of the action!
**Responsibilities**
**Responsibilities:**
+ Manage and optimize network security infrastructure including NGFWs (e.g., Palo Alto Networks, Checkpoint), IDS/IPS, and segmentation.
+ Develop and maintain secure Azure cloud environments using Infrastructure-as-Code (IaC) tools such as Terraform or ARM templates.
+ Build and maintain CI/CD pipelines in Azure DevOps with integrated security controls.
+ Document automation workflows, APIs, scripts, and system designs.
+ Proactively identify and investigate potential issues and patterns in security controls and drive mitigation strategies, while also implementing automation to improve efficiency and effectiveness across the network.
+ Install, upgrade, and maintain security hardware, operating system and software.
+ Identify gaps in security policy and administration, recommend solutions, and implement new and revised security standards, while working with partner teams to drive consistency and awareness.
+ Maintain standards and drive improvements for our customer and partner experience, responding appropriately to emerging issues and advocating for our customer experience through development and analyzation of key metrics, performance indicators, and other data sources (e.g. bugs, unhealthy data pipeline). Respond to escalations and recommend improvements as appropriate to address gaps.
+ Participate in on-call rotation to support security services.
+ With minimal guidance, analyze attempted or successful efforts to compromise systems security and, alongside partner teams, create recommendations to limit exposure, implement response plans, and take action.
+ Analyze potential or actual intrusions identified from monitoring activities and create detections based on available data (e.g., Indicators of Compromise (IOC) and Tools Tactics Procedures (TTP)).
**Other**
+ Embody our culture ( and values ( .
**Qualifications**
**Required Qualifications:**
+ 4+ years of experience in Network Security Engineering (multi-vendor next-gen firewall experience, IDS/IPS, network engineering (routing/BGP) and network/infrastructure automation (Python, Ansible etc).
+ OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field.
+ Strong background in Firewalls or Intrusion detection or prevention systems.
+ High proficiency in Python
+ Hands-on experience with Ansible for network automation and configuration management.
+ Ability to design, develop, and integrate RESTful APIs
+ Networking & Security Fundamentals: Solid understanding of routing, IPSec, firewall policies
+ Proficiency with Git and collaborative development workflows
**Background Check Requirements:**
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
+ Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
While not required, we also look for the following **Preferred Qualifications:**
+ Cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), cloud security, and operations incident response.
+ CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, PCCSE, PCNSE, PCSAE, CCNP Security, CCIE Security and/or Security+ certification.
+ Any experience with industrial control systems is preferred (not mandatory).
+ Experience with Nautobot for network source-of-truth alignment, and Django would be considered highly beneficial
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations ( .

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day and we need you as a **Senior Network Security Automation Engineer** .
Microsoft's Cloud Operations & Innovation (CO+I) is the engine that powers our cloud services. As a Senior Cyber Security Engineer, you will perform a key role in delivering the core infrastructure and foundational technologies for Microsoft's online services including Bing, Office 365, Xbox, OneDrive, and the Microsoft Azure platform. You will drive our technology strategy, lead by example, and support team members on their learning journey. You will implement and operate modern cloud and on premises cybersecurity controls to defend Microsoft datacenter critical infrastructure from threat actors. Leveraging multiple solutions and partnering with internal and external teams, you will be at the forefront of advancing industrial network cybersecurity capabilities.
Through on the job learning and bi-directional mentorship, this opportunity will allow you to gain cyber defense, automation, and networking skills and experiences that are rare in both networking and security organizations, and in high demand across multiple industries. This is a flexible work opportunity for you to work from home partially or fully if desired.
As a group, CO+I is focused on personal and professional development for all employees and offers trainings and growth opportunities including Career Rotation Programs, Diversity & Inclusion trainings and events, and professional certifications.
Our infrastructure is comprised of a large global portfolio of more than 100 datacenters and 1 million servers. Our foundation is built upon and managed by a team of subject matter experts working to support services for more than 1 billion customers and 20 million businesses in over 90 countries worldwide.
With environmental sustainability and optimization at the forefront of our datacenter design and operations, we continue to grow and evolve as we meet the ever-changing business demands that hold Microsoft as a world-class cloud provider.
Do you want to empower billions across the world? Come and join us in CO+I and be at the forefront of the action!
**Responsibilities**
**Responsibilities:**
+ Manage and optimize network security infrastructure including NGFWs (e.g., Palo Alto Networks, Checkpoint), IDS/IPS, and segmentation.
+ Develop and maintain secure Azure cloud environments using Infrastructure-as-Code (IaC) tools such as Terraform or ARM templates.
+ Build and maintain CI/CD pipelines in Azure DevOps with integrated security controls.
+ Document automation workflows, APIs, scripts, and system designs.
+ Proactively identify and investigate potential issues and patterns in security controls and drive mitigation strategies, while also implementing automation to improve efficiency and effectiveness across the network.
+ Install, upgrade, and maintain security hardware, operating system and software.
+ Identify gaps in security policy and administration, recommend solutions, and implement new and revised security standards, while working with partner teams to drive consistency and awareness.
+ Maintain standards and drive improvements for our customer and partner experience, responding appropriately to emerging issues and advocating for our customer experience through development and analyzation of key metrics, performance indicators, and other data sources (e.g. bugs, unhealthy data pipeline). Respond to escalations and recommend improvements as appropriate to address gaps.
+ Participate in on-call rotation to support security services.
+ With minimal guidance, analyze attempted or successful efforts to compromise systems security and, alongside partner teams, create recommendations to limit exposure, implement response plans, and take action.
+ Analyze potential or actual intrusions identified from monitoring activities and create detections based on available data (e.g., Indicators of Compromise (IOC) and Tools Tactics Procedures (TTP)).
**Other**
+ Embody our culture ( and values ( .
**Qualifications**
**Required Qualifications:**
+ 4+ years of experience in Network Security Engineering (multi-vendor next-gen firewall experience, IDS/IPS, network engineering (routing/BGP) and network/infrastructure automation (Python, Ansible etc).
+ OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field.
+ Strong background in Firewalls or Intrusion detection or prevention systems.
+ High proficiency in Python
+ Hands-on experience with Ansible for network automation and configuration management.
+ Ability to design, develop, and integrate RESTful APIs
+ Networking & Security Fundamentals: Solid understanding of routing, IPSec, firewall policies
+ Proficiency with Git and collaborative development workflows
**Background Check Requirements:**
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
+ Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
While not required, we also look for the following **Preferred Qualifications:**
+ Cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), cloud security, and operations incident response.
+ CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, PCCSE, PCNSE, PCSAE, CCNP Security, CCIE Security and/or Security+ certification.
+ Any experience with industrial control systems is preferred (not mandatory).
+ Experience with Nautobot for network source-of-truth alignment, and Django would be considered highly beneficial
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations ( .

**Description**
+ **Leidos Life Hub** provides access to discount offers or cashback rewards with over 400 Australian and International retailers.
+ Due to the nature of the role, **you must be an Australian Citizen and hold either a NV-1 or NV-2 Security Clearance**
Our team feel Leidos is a great place to work. Learn more about our culture and benefits by visiting us here Work That Matters**
Leidos Australia delivers IT and airborne solutions that protect and advance the Australian way of life. Our 2000 local experts, backed by our global experience and network of partners, are working to solve the world's toughest challenges in government, intelligence, defence, aviation, border protection and health markets.
**Your New Role and Responsibilities**
Leidos Australia is expanding our 24x7x365 Central Processing Cyber Security Operations Centre (CP SOC) capability with the Department of Defence. CP SOC works collaboratively with the Defence Security Operations Centre (DSOC) to assist in defending one of the largest and most complex ICT networks in the southern hemisphere.
We seek Cyber Security Analysts to work on a rotating shift roster (typically 12-hour shifts) onsite at HMAS Harman in Canberra.
The roles and responsibilities extend to:
+ **Monitor and Analyse Security Events:** Continuously monitor networks and endpoints for security alerts, threats, and intrusions using SIEM tools, IDS/IPS, and endpoint protection systems.
+ **Incident Response and Management:** Triage, investigate, and manage security incidents end-to-end, including escalation and reporting as required.
+ **Threat and Vulnerability Management:** Assess emerging threats and vulnerabilities, develop custom detection signatures, and implement measures to mitigate risks.
+ **Security Tool Administration and Process Improvement:** Maintain and support security tools, review and improve operational processes, and ensure the health of deployed security systems.
+ **Stakeholder Communication and Reporting:** Collaborate with internal teams and stakeholders, produce reports, and contribute to the development of SOC tactics, techniques, and procedures.
**What You'll Bring to Make an Impact**
+ **Technical Cyber Security Knowledge:** Working knowledge of industry and government cybersecurity frameworks, SIEM tools, IDS/IPS, and endpoint security solutions.
+ **Analytical and Problem-Solving Skills:** Ability to identify, analyse, and resolve complex security issues with a proactive and self-starting approach.
+ **Incident Response Expertise:** Experience in detecting, responding to, and mitigating cyber threats using adversary TTPs and IOCs.
+ **Communication and Stakeholder Management:** Strong verbal and written communication skills for incident reporting and stakeholder engagement.
+ **Adaptability and Continuous Learning:** Willingness to rapidly upskill, work in a 24/7 rotating shift environment, and stay updated on evolving cyber threats.
Don't worry if you don't tick all the boxes - if you meet most of them, we encourage you to submit your application. We're most interested in your strengths, what you want to learn and how far you want to go.
**Diverse Team Members, Shared Values and a Common Purpose**
_Providing our customers with smarter solutions takes an incredible team with diversity of thought, experience and perspectives driving innovation. Inclusion is at the heart of our culture and is one of our core values. It's about creating a workplace where everyone can do important work, feels welcome, valued, and respected, and has equal access to opportunities to thrive. Paul Chase - Chief Executive, Leidos Australia._
Leidos Australia is an equal opportunities organisation and is committed to creating a truly inclusive workplace. We welcome and encourage applications from Aboriginal and Torres Strait Islanders, culturally and linguistically diverse people, people with disabilities, veterans, neurodiverse people, and people of all genders, sexualities, and age groups.
Our five Advocacy Groups (Women and Allies Network,Young Professionals, Defence & Emergency Services, Action for Accessibility and Abilities and Pride+) provide an opportunity for team members to connect and collaborate on shared interests, and work to support and celebrate our diverse community.
**Next Steps**
+ To apply for this role, follow the links or apply via our Careers page.
+ Recruitment process - 1 virtual interview and/or 1 face-to-face & background checks.
+ Applicants may also need to meet International Traffic in Arms Regulations (ITAR) requirements. In certain circumstances this can place limitations on persons who hold dual nationality, permanent residency or are former nationals of certain countries as per ITAR 126.1.
+ We are committed to making our recruitment process accessible to all candidates. Please get in touch with our Careers team if you'd like to discuss any additional support during your application or throughout the recruitment process.
At Leidos, we don't want someone who "fits the mold"-we want someone who melts it down and builds something better. This is a role for the restless, the over-caffeinated, the ones who ask, "what's next?" before the dust settles on "what's now."
If you're already scheming step 20 while everyone else is still debating step 2. good. You'll fit right in.
**Original Posting:**
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
**Pay Range:**
The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
REQNUMBER: R-
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an equal opportunity employer/disability/vet.

**Description**
+ **Leidos Life Hub** provides access to discount offers or cashback rewards with over 400 Australian and International retailers.
+ Due to the nature of the role, **you must be an Australian Citizen and hold either a NV-1 or NV-2 Security Clearance**
Our team feel Leidos is a great place to work. Learn more about our culture and benefits by visiting us here Work That Matters**
Leidos Australia delivers IT and airborne solutions that protect and advance the Australian way of life. Our 2000 local experts, backed by our global experience and network of partners, are working to solve the world's toughest challenges in government, intelligence, defence, aviation, border protection and health markets.
**Your New Role and Responsibilities**
Leidos Australia is expanding our 24x7x365 Central Processing Cyber Security Operations Centre (CP SOC) capability with the Department of Defence. CP SOC works collaboratively with the Defence Security Operations Centre (DSOC) to assist in defending one of the largest and most complex ICT networks in the southern hemisphere.
We seek Cyber Security Analysts to work on a rotating shift roster (typically 12-hour shifts) onsite at HMAS Harman in Canberra.
The roles and responsibilities extend to:
+ **Monitor and Analyse Security Events:** Continuously monitor networks and endpoints for security alerts, threats, and intrusions using SIEM tools, IDS/IPS, and endpoint protection systems.
+ **Incident Response and Management:** Triage, investigate, and manage security incidents end-to-end, including escalation and reporting as required.
+ **Threat and Vulnerability Management:** Assess emerging threats and vulnerabilities, develop custom detection signatures, and implement measures to mitigate risks.
+ **Security Tool Administration and Process Improvement:** Maintain and support security tools, review and improve operational processes, and ensure the health of deployed security systems.
+ **Stakeholder Communication and Reporting:** Collaborate with internal teams and stakeholders, produce reports, and contribute to the development of SOC tactics, techniques, and procedures.
**What You'll Bring to Make an Impact**
+ **Technical Cyber Security Knowledge:** Working knowledge of industry and government cybersecurity frameworks, SIEM tools, IDS/IPS, and endpoint security solutions.
+ **Analytical and Problem-Solving Skills:** Ability to identify, analyse, and resolve complex security issues with a proactive and self-starting approach.
+ **Incident Response Expertise:** Experience in detecting, responding to, and mitigating cyber threats using adversary TTPs and IOCs.
+ **Communication and Stakeholder Management:** Strong verbal and written communication skills for incident reporting and stakeholder engagement.
+ **Adaptability and Continuous Learning:** Willingness to rapidly upskill, work in a 24/7 rotating shift environment, and stay updated on evolving cyber threats.
Don't worry if you don't tick all the boxes - if you meet most of them, we encourage you to submit your application. We're most interested in your strengths, what you want to learn and how far you want to go.
**Diverse Team Members, Shared Values and a Common Purpose**
_Providing our customers with smarter solutions takes an incredible team with diversity of thought, experience and perspectives driving innovation. Inclusion is at the heart of our culture and is one of our core values. It's about creating a workplace where everyone can do important work, feels welcome, valued, and respected, and has equal access to opportunities to thrive. Paul Chase - Chief Executive, Leidos Australia._
Leidos Australia is an equal opportunities organisation and is committed to creating a truly inclusive workplace. We welcome and encourage applications from Aboriginal and Torres Strait Islanders, culturally and linguistically diverse people, people with disabilities, veterans, neurodiverse people, and people of all genders, sexualities, and age groups.
Our five Advocacy Groups (Women and Allies Network,Young Professionals, Defence & Emergency Services, Action for Accessibility and Abilities and Pride+) provide an opportunity for team members to connect and collaborate on shared interests, and work to support and celebrate our diverse community.
**Next Steps**
+ To apply for this role, follow the links or apply via our Careers page.
+ Recruitment process - 1 virtual interview and/or 1 face-to-face & background checks.
+ Applicants may also need to meet International Traffic in Arms Regulations (ITAR) requirements. In certain circumstances this can place limitations on persons who hold dual nationality, permanent residency or are former nationals of certain countries as per ITAR 126.1.
+ We are committed to making our recruitment process accessible to all candidates. Please get in touch with our Careers team if you'd like to discuss any additional support during your application or throughout the recruitment process.
At Leidos, we don't want someone who "fits the mold"-we want someone who melts it down and builds something better. This is a role for the restless, the over-caffeinated, the ones who ask, "what's next?" before the dust settles on "what's now."
If you're already scheming step 20 while everyone else is still debating step 2. good. You'll fit right in.
**Original Posting:**
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
**Pay Range:**
The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
REQNUMBER: R- -OTHLOC-PL-2D0397
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an equal opportunity employer/disability/vet.

Description
Amazon Web Services (AWS) is the leading cloud service provider, providing virtualised infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises to large government customers, run their operations and applications on AWS' highly secure infrastructure.
AWS Security is looking for a GRC Specialist to contribute to the certification, accreditation, assurance, and authorisation activities across the security program. The successful candidate is a problem-solver, quick-study, with a broad understanding of the regulatory landscape, cloud technologies, experience in security and compliance.
Key job responsibilities
* Serve as the GRC Specialist for designated (physical and/or logical) components within the cloud capability, to perform assurance and authorization activities to ensure adherence to standards and protocols.
* Collaborate with internal teams and customers to establish baselines and level-set the security requirements, security controls, and security objectives.
* Implement ISM, PSPF, DSPF, ASIO T4, NIST and/or other security compliance frameworks into design and build baselines to achieve the agreed security posture.
* Create, optimise, and support cross-functional working groups and projects aimed at enhancing security efficiency and effectiveness across the organization.
* Utilise domain expertise to develop thought leadership material on cloud and emerging technologies, contributing to the organization's knowledge base and industry positioning.
* Deliver to tight deadlines and drive results, demonstrating exceptional attention to detail and ensuring accuracy in all aspects of security management.
Hold or be able to attain an Australian Government Security Vetting Agency clearance (see day in the life
In your day-to-day you will need to exercise sound judgment in making trade-offs between short versus long term security and business goals. You will demonstrate resilience and navigate difficult situations with composure and tact, with a goal to achieve a great outcome for the customer. You will be successful in this role by regularly analysing your own performance with a critical eye. A broad understanding of the AWS business and its interconnections is required. This position will also provide training, advice, and mentorship to other teams throughout AWS.
About the team
Diverse Experiences
AWS values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
The team is comprised of security professionals with a cross section of national security and private sector experience, providing a range of perspectives required for creative problem solving. We value diversity of thought, creativity, and a strong Bias for Action and Earn Trust. We believe that there are no "perfect" security solutions and we develop and iterate using a continuous improvement process.
Inclusive Team Culture
AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.
Mentorship & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Basic Qualifications
* 7+ years experience working in areas related to security assurance, such as cybersecurity, auditing, security architecture, regulatory affairs or public sector agencies involved in cybersecurity management.
* Experience working with governance, risk and compliance programs that directly involve interaction with regulatory bodies.
* Proficient with government security frameworks, policies and standards (e.g. PSPF, ISM, DSPF. ASD Essential Eight)
* Experience working with cloud technologies.
Preferred Qualifications
* Degree or equivalent experience in (Computer Science, Engineering, Cyber Security, IT Security Management, Security Risk Management)a related security field
* Minimum 7 years experience in implementing and operationalising security to meet business outcomes
* Proven ability to not only influence but lead business partners and supporting teams
* Ability to able to credibly coordinate between technical teams and business stakeholders
* Strong communication skills. Ability to produce detailed and complex written business cases without the use of PowerPoint
Acknowledgement of country:
In the spirit of reconciliation Amazon acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.
IDE statement:
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

Description
Amazon Web Services (AWS) is the leading cloud service provider, providing virtualised infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises to large government customers, run their operations and applications on AWS' highly secure infrastructure.
AWS Security is looking for a GRC Specialist to contribute to the certification, accreditation, assurance, and authorisation activities across the security program. The successful candidate is a problem-solver, quick-study, with a broad understanding of the regulatory landscape, cloud technologies, experience in security and compliance.
Key job responsibilities
- Serve as the GRC Specialist for designated (physical and/or logical) components within the cloud capability, to perform assurance and authorization activities to ensure adherence to standards and protocols.
- Collaborate with internal teams and customers to establish baselines and level-set the security requirements, security controls, and security objectives.
- Implement ISM, PSPF, DSPF, ASIO T4, NIST and/or other security compliance frameworks into design and build baselines to achieve the agreed security posture.
- Create, optimise, and support cross-functional working groups and projects aimed at enhancing security efficiency and effectiveness across the organization.
- Utilise domain expertise to develop thought leadership material on cloud and emerging technologies, contributing to the organization's knowledge base and industry positioning.
- Deliver to tight deadlines and drive results, demonstrating exceptional attention to detail and ensuring accuracy in all aspects of security management.
Hold or be able to attain an Australian Government Security Vetting Agency clearance (see day in the life
In your day-to-day you will need to exercise sound judgment in making trade-offs between short versus long term security and business goals. You will demonstrate resilience and navigate difficult situations with composure and tact, with a goal to achieve a great outcome for the customer. You will be successful in this role by regularly analysing your own performance with a critical eye. A broad understanding of the AWS business and its interconnections is required. This position will also provide training, advice, and mentorship to other teams throughout AWS.
About the team
Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
The team is comprised of security professionals with a cross section of national security and private sector experience, providing a range of perspectives required for creative problem solving. We value diversity of thought, creativity, and a strong Bias for Action and Earn Trust. We believe that there are no "perfect" security solutions and we develop and iterate using a continuous improvement process.
Diverse Experiences
AWS values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why AWS?
Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating - that's why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.
Inclusive Team Culture
AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.
Mentorship & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Basic Qualifications
- 4+ years experience working in areas related to security assurance, such as cybersecurity, auditing, security architecture, regulatory affairs or public sector agencies involved in cybersecurity management.
- Experience working with governance, risk and compliance programs that directly involve interaction with regulatory bodies.
- Proficient with government security frameworks, policies and standards (e.g. PSPF, ISM, DSPF. ASD Essential Eight)
- Experience working with cloud technologies.
Preferred Qualifications
- Degree or equivalent experience in (Computer Science, Engineering, Cyber Security, IT Security Management, Security Risk Management)a related security field
- Minimum 4 years experience in implementing and operationalising security to meet business outcomes
- Proven ability to not only influence but lead business partners and supporting teams
- Ability to able to credibly coordinate between technical teams and business stakeholders
- Strong communication skills. Ability to produce detailed and complex written business cases without the use of PowerPoint
Acknowledgement of country:
In the spirit of reconciliation Amazon acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.
IDE statement:
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.