What’s the opportunity?
You will provide oversight and help improve the security posture of the Vocus network. Analyze, review and raise security assessment concerns. Help enforce best security practice from industry defined standards. Build strong relationships and maintain with supporting colleagues/team members
What you’ll be doing:
- Performs security monitoring, security and data/log analysis, and forensic analysis, to detect security incidents and mounts an incident response.
- Investigate and utilize new technologies and processes to enhance security capabilities and implement improvements.
- Create new ways to solve existing production security issues
- Configure and install firewalls and intrusion detection systems
- Develop automation scripts to handle and track incidents
- Collaborate with colleagues on authentication, authorization and encryption solutions Evaluate new technologies and processes that enhance security capabilities
- Supervise changes in software, hardware, facilities, telecommunications, and user needs
- Collaborate on the definition, implementation, and maintenance of corporate security policies
- Analyze and advise on new security technologies and program conformance
- Perform vulnerability testing, risk analyses, and security assessments
- Proactively conduct hands-on security assessments on systems and network equipment’s, identified security vulnerability/weaknesses, evaluate countermeasures, and recommend best security practices to mitigate the vulnerabilities.
- Review the results and recommend effective remediation of a vulnerability scan, penetration test, and compliance reports.
- Participate and recommend security controls for IT and Network related projects.
- Be a champion of effective security best practices and promote their acceptance, adoption, and socialization
- Collaborate and work effectively with other teams
- Participate in the information security incident management process
- Develop and maintain regular information security reports for managers and team.
- Assist the Senior Systems Security Engineer with continuous review and ensuring compliance to security standards and policy
- Review and test (if required) security solutions using industry standard analysis criteria
What we need from you:
- Understanding of secure network architecture
- Knowledge of Identity and access management principles
- Subnetting, DNS, encryption technologies and standards, VPNs, VLANs, VoIP and other network routing methods skills
- Advanced knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.)
- Proficient in Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication
- Complex problem-solving abilities
- Strong oral and communication skills
- IDS/IPS, penetration and vulnerability testing skills
- Passionate about information security with a strong commitment to continuously improve user experience outcomes
- Experience with security technologies such as next-generation firewalls, Network IDS/IPS, VPN, web proxy, WAF, AAA (Authentication, Authorization, and Accounting) services, Multifactor Authentication, NAC solution, and SIEM.
- Experienced in vulnerability scanning, security monitoring, threat intelligence, and security analytics tools such as Rapid 7, Nipper, etc.
- Infrastructure Security Hardening (System and Network) based on Industry Best Practices
- Network Security Experience, Strong understanding of network fundamentals (E.g. Knowledge of Local Area Networks, TCP/IP, IPSEC and high-level communication protocols multiple operations systems (Windows, Unix, Linux, etc.) and communication protocols running on various layers of the OSI (Open Systems Interconnection) stack.)
- Good understanding of security standards such as ISO27001, PCI-DSS, AusGov PSPF, ASD Top 8 and ISM (desirable)
- Network Security Certification CCNA, CCNP Security, CCIE Security, JNCIS-SEC (desirable)
- Skills in the presentation of technical information to system and network teams
- 7-9 years’ experience in IT, with 5+ years of IT security experience, coupled with a degree in Computer Science, Cyber Security or a related field.