ASX: Powering Australias financial markets

Why join the ASX

When you join ASX youre joining a company with a strong purpose to power a stronger economic future by enabling a fair and dynamic marketplace for all.

In your new role youll be part of a leading global securities exchange with a strong brand. We are known for being a trusted market operator and an exciting data hub.

Want to know why we are a great place to work click on the link to learn more.

are more than a securities exchange!

The ASX team brings together talented people from a diverse range of disciplines.

We run critical market infrastructure with 1 in 3 people employed within technology. Yet we have a unique complexity of roles across a range of disciplines such as operations program delivery financial products investor engagement risk and compliance.

Were proud to foster a workplace where diversity is celebrated and inclusion is part of our everyday culture. Our employee-led networks champion LGBTIQ inclusion promote gender equality accessibility and wellbeing inspire giving and volunteering and celebrate cultural and religious events creating a sense of belonging for all. As an AWEI Bronze employer and member of the Champions of Change Coalition for gender equality were committed to a fair and inclusive workplace where everyone can thrive.

The Security Operations Centre is responsible for security monitoring incident response and computer forensics across the ASX environment. We also conduct maintain a number of enterprise security controls/tooling and conduct regular security testing including vulnerability scanning phishing simulations and red and purple team testing.

Your responsibilities:

• Maintenance of security tools and controls such as EDR SIEM proxy email gateway vulnerability scanning application control and WAF

• Manage the configuration of key security tools to ensure they are operationally optimised. Tools include EDRSIEM proxy WAF application control etc.

• Improve the security posture of the ASX environment by building/implementing new controls and enhancing existing controls

• Create new detections in the relevant security tools to meet the demands of an evolving threat landscape

• Automate cyber security tasks such as the collection of artefacts integration of threat intelligence etc

• Assist in the response to significant security incidents (in conjunction with support teams)

• End to end management of issues identified during security testing

• Assist in the preparation of management Board and Regulatory reporting

• Assist in security training and awareness of ASX staff

• Enhance and manage the security documentation suite (e.g. policies procedures metrics use cases and reporting) as it relates to the exchange Cyber Security Centre

• Performance and management of data and threat risk assessments

• Liaise with internal and external assurance functions as required

Your experience and qualifications

Must have skills:

• Worked at a senior level within a security operations centre environment

• Hands on practical knowledge of Kubernetes technologies like GKE EKS and Helm.

• In-depth knowledge of Elasticsearch SIEM using ECK.

• Extensive knowledge of building and maintaining scalable big data pipelines like Kafka Vector and OTEL.

• Experience with Terraform Ansible or any other IaC services.

• Proficient with a programming language (Python).

• Exposure to industry standard security frameworks (e.g. NIST ASD Swift CSP)

• Assessment and investigation of security alerts (e.g. SIEM alerts phishing emails etc.)

• Exposure to security tools configuration management (e.g. SIEM EDR TIP Email Security Proxy etc)

• Familiarity with operating systems including Windows Linux VMS; and platforms such as Active Directory Exchange SQL

• Familiarity with cloud platforms such as GCP and AWS.

• Development of security related documentation (policies procedures standards

• Process risk and control mapping techniques

• Exposure to the performance of penetration testing and vulnerability scanning

Nice to have:

• IT degree with a focus on IT Security.

• Certifications such as GCFA GCFR GCTI GCIH.

• Understanding of current Australian regulatory environment (as it relates to financial services / clearing and settlement providers) and related implications to identity management and security/audit compliance

We make hiring decisions based on your skills capabilities and experience and how youll help us to live our values. We encourage you to apply even if you dont meet all the criteria of this role.

If you need any adjustments during the application or interview process to help you present your best self please let us know at

At ASX Group our diverse workforce is essential to build and maintain a fair and dynamic marketplace. We support flexible working and offer hybrid working options. Even if our roles are advertised as full-time we encourage you to apply if you are interested in part-time or other flexible working arrangements.

We will arrange for successful candidates to have background checks including reference and police checks completed as part of the on-boarding process.

To be considered for this position candidates must be legally authorised to work in Australia on a permanent basis without any restrictions.