Cyber Security Specialist
Information Services | Melbourne City, Victoria, Australia | Full Time
An ASX100 business that is pertly owned by Australian universities, IDP is a pioneer in international education services. Our core business lines include student placement to Australia, US, UK, Canada and New Zealand institutions, English-language testing and training.
We are on a mission to build the world's leading platform and connected community to guide students along their journey to achieve their lifelong learning and career aspirations.
As a co-owner of IELTS, we deliver the English test that is trusted by more governments, universities and organisations than any other. We also operate English language teaching schools in South East Asia.
We are innovators, driven by the needs of our customers and deep data insights. IDP has achieved superb business outcomes from the digital transformation of its business. The transformation has directly contributed to the growth in our leading Edu-Tech business, helping students fulfill their lifelong learning opportunities at the world’s top universities.
Now we are further accelerating our transformation, and this means we need to build exciting new technical skills and capacities. We have an exciting business and technical agenda
A new and exciting opportunity exists for a Cybersecurity Specialist to join our team in Melbourne. The right fit is someone who utilise customer service skills to provide commercial and security advice, to all business operations within IDP Education Australia in accordance with Company security policies, procedures and guidelines.
Seeking an inspirational and outcome focused Cybersecurity Specialist who can provide extensive practical experience regarding IT security related matters and plan, coordinate security tasks based on relevant policies, standards, procedures and best practices.
This is a highly critical function as the stability and security of systems is integral to the operations of ICT infrastructure at IDP to provide thought leadership and technical support across all cyber security services to ensure IDP’s information assets are appropriately protected and information owners are kept informed of increasing cyber security threats. This will include company files and digital assets, employee data and sensitive customer information. The Specialist will identify and help analyse any possible vulnerabilities and identify unusual activity and react swiftly to prevent or mitigate breaches.
What you will do:
- Perform technical risk and information security assessments, assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement
- Provide security recommendations in architecture design, development & integration of new ICT system features while maintaining integrity & security of our data
- Provide efficient, effective, and timely security services to our customers acting as key SME for information security across the organisation.
- Demonstrate knowledge with application security frameworks, security design patterns, requirements and threat analysis including application of OWASP strategies, security monitoring and reporting.
- Co-ordinate vulnerability assessments of IT systems and processes, identifying potential vulnerabilities, to make recommendations to control any risks identified and to ensure they are implemented.
- Be hands-on managing security incident responses.
- Engage with key stakeholders to ensure the needs of IDP are met in line with Information security requirements, compliance, and standards
- Assist with the implementation of security measures for the protection of security classified information and sensitive commercial information
- Demonstrate working knowledge of cloud security (AWS) including WAFs, API’s, Lambdas
- Ensure IDP’s organisation networks are monitored for security breaches and investigate violations when they occur
- Ensure currency and effectiveness of authentication, encryption, intrusion detection and preventative security scans.
- Actively participate and contribute to Business Continuity / Disaster Recovery infrastructure planning, building, and testing
You are someone who has....
- A pragmatic approach to technical IT Security, understanding business objectives and value
- Strong communication, presentation, stakeholder engagement and relationship building skills
- Ability to present complex technical and security information into simple, business language
- A strong customer focus and ability to consult/influence outcomes with both business and technology stakeholders
- Good negotiation and conflict resolution skills
- Capability to provide an understanding of the current state and target state of enterprise security architecture for the protection of the organization's data security, can review and provide advice on the best of practice security solutions.
- A flair for Improving security controls for systems infrastructure by improving operational processes and technical improvements as part of the organization's security improvement plan.
We are excited about you because….
- You have a strong Security Operations and Networking Fundamentals background.
- You have extensive technical experience in Vulnerability assessment and Penetration testing
- You have experience in SIEM, Threat Intelligence and Hunting experience
- You have 7 years commercial experience in Information Technology, with at least 4 years in Information Security
- You are a security professional with Industry recognised ICT Security technical certifications such as: SC2 CISSP, ISACA CISM, GIAC (SANS), CEH, SSCP, Cisco e.g. CCNA, CCNP, OSCP,
- You have completed your bachelor’s degree preferably in the fields of computer science or business systems.
- Familiarity with the cyber security kill chain necessary for vulnerability assessment, security architecture, threat hunting
- ICT Infrastructure Security Hardening experience
Would be extra awesome if you have experience with….
- Implementing security controls on private & public Cloud platforms (i.e. IaaS, PaaS, SaaS, AWS, Azure). Amazon VPC design and microservice architecture highly regarded
- Experience using Security Information and Event Management (SIEM) Tools and analytics (including UEBA)
- Experiencing developing and justifying business cases
- Experience leading the security design and architecture for public, private, and hybrid Cloud based enterprise systems within Amazon Web Services (AWS), Microsoft Azure, or other cloud providers.
- You have Cloud/vendor certifications: AWS, Azure, GCP, Check Point, FireEye, F5, Splunk, SOAR, SIEM, AI
IDP operates in over thirty countries, across three major business lines. Our 5,000 team members based around the world understand that our services change lives – not only of our customers, but their wider communities. Our people are our greatest asset – it is through their passion, expertise and dedication that enables us to deliver outstanding service to our customers, clients and partners.
Our people are our greatest asset – it is through their passion, expertise and dedication that enables us to deliver outstanding service to our customers, clients and partners. By combining empathy and professional expertise with digital excellence, we create launch pads for our customers to achieve global success.
IDP is committed to provide efficient, effective and timely security service to our internal and external customers