We are looking for a Senior Cloud & Application Security Engineer to design, implement and manage security controls across cloud environments and applications, protecting Cuscal's payments and data services.
What is this role about?
As the Senior Cloud & Application Security Engineer, you'll play a key part in securing cloud-native workloads, integrating security into the software development lifecycle (SDLC) and ensuring compliance with regulatory and industry security standards. The role will work closely with development, DevOps and infrastructure teams to embed security best practices and drive continuous security improvements across cloud and application landscapes.
Here's some more insight into what you'll work on:
- Cloud Security Architecture:
  - Design and implement security solutions for cloud-native and hybrid-cloud environments.
  - Develop and enforce security architecture patterns, controls and automation within cloud services and infrastructure as code (IaC).
  - Configure and manage cloud security services such as identity and access management (IAM), encryption, logging and monitoring.
- Application Security & DevSecOps:
  - Embed security within the SDLC through secure coding practices, automated security testing and CI/CD pipeline integrations.
  - Conduct static (SAST) and dynamic (DAST) application security testing, container security scanning and API security assessments.
- Threat & Vulnerability Management:
  - Identify and mitigate security risks in cloud and application environments through threat modelling, penetration testing and vulnerability assessments.
  - Implement and maintain security controls to defend against cloud- and application-specific attack vectors.
  - Support incident response by analysing cloud and application security events and recommending mitigations.
  - Develop and maintain incident response playbooks specifically focused on data breaches and protection failures.
- Security Tooling & Automation:
  - Implement and maintain security tools such as Cloud Security Posture Management (CSPM).
  - Develop security automation using scripting (Python, PowerShell) and cloud-native security services.
  - Enhance visibility and detection capabilities by integrating cloud security logs into SIEM solutions.
Qualifications:
What can you bring?
- 2 years in cybersecurity with a focus on cloud security, application security and DevSecOps.
- Strong experience securing workloads in AWS, Azure or GCP, with expertise in IAM, encryption, logging and cloud security best practices.
- Hands-on experience with CI/CD pipeline security, SAST/DAST tools, API security and container security (Docker, Kubernetes).
- Expertise in securing web applications, microservices and APIs against OWASP Top 10 threats.
- Experience with infrastructure as code (Terraform, CloudFormation, Ansible) and security automation.
- Familiarity with cloud security frameworks such as CIS Benchmarks, NIST CSF and CSA Cloud Controls Matrix.
- Strong understanding of threat modelling, vulnerability management and security testing.
- Experience integrating cloud security logs with SIEM tools like Splunk or Sentinel.
- Proven experience leading high-severity incident responses in a fast-paced environment.
Although not required, any experience in the following would be highly regarded:
- Payments industry, ATM/EFT/POS technology, cards and finance, or other regulated industries and/or 24x7 mission-critical environments.
- Knowledge of security frameworks and standards such as ISO 27001, NIST, CPS234, ASD Essential 8, etc.
- Understanding of legal, regulatory, privacy and security matters associated with the Banking and Finance Industry.
Additional Information:
Why Cuscal?
We are in the rapidly evolving world of payments, and we are committed to providing a diverse and inclusive workplace where the very best talent in Australia chooses to work. We support our colleagues with flexible work arrangements through our hybrid model, whilst also offering a wide range of educational, financial, lifestyle, health & wellbeing benefits.
Next Steps
If you think this role is the right fit for you, we invite you to apply. Let's explore who you are and what drives you. We'd love to share our vision for the future of the payments sector. Please note candidate screening and interviews may be conducted prior to the closing date of the job advert.
Cuscal does not accept unsolicited resumes from recruitment agencies and search firms. Please do not email or send unsolicited resumes to any Cuscal employee, location or address.
Remote Work:
No
Employment Type:
Full-time