Expression of Interest - Cyber Security Engineer

Last updated an hour ago

On your first day, we'd love for you to have:

  • Expert level security knowledge in technical IT domains - operating systems, networks, databases, mobile, cloud or solution development etc.
  • Experience implementing controls in a wide range of environments, from microsystem, IoT, cloud, appliance, workstation, and servers.
  • Expert level knowledge of coding languages and frameworks such as ReactJS, Angular JS, Python, Java, C#, NodeJS, Ruby and other full stack frameworks.
  • Hands on knowledge of devops and automation tools and services such as AzureDevops, Jenkins, Puppet, docker, GIT.
  • Knowledge of integration of security and devops toolkits into the devops and CI/CD pipeline
  • Understanding of cyber security regulations such as APRA-CPS234, GDPR, IRAP, PCI-DSS etc. While not all regulations are required on day one, it is imperative to have knowledge of some or one so you can apply that to other regulatory requirements.
  • Hands on exposure to at least one or more cloud environments. This can be Microsoft Azure, Amazon AWS, Google Cloud etc. With one environment understood it is possible to map those skills onto other environments.
  • Knowledge of Application Security vulnerabilities and automation of security checks using technologies such as DAST, SAST, IAST and Open Source Vulnerability scanning methods. Exposure to Security Test Automation using abuse cases and leveraging frameworks such as Selenium, NightWatch, Cucumber, BDD-Security
  • Experience in practical security vulnerability identification, remediation and prevention.
It's great, but not required, if you have:
  • A Computer Science or Software engineering degree or equivalent
  • Industry related certification preferred (e.g. CISSP, CISA, CISM, SABSA, PRINCE2, TOGAF, ITIL and AWS, Azure or GCP certifications)
  • Solution and Infrastructure Level Certifications such as CCNA/P, Microsoft technologies, various cloud certifications etc. will be advantageous
  • Knowledge of containers and container security requirements, such as Docker or Kubernetes.

About us

EY is a global professional services organisation providing consulting, assurance, tax and strategy and transaction services. We are committed to doing our part in building a better working world, to help create wider economic and social benefits today, and a strong legacy for a better tomorrow.

Apply now

Across every part of EY, we dig deeper in pursuit of better working. Does better begin with you? Click apply online to find out. The preferred applicant will be subject to employment screening by Ernst & Young or by their external third-party provider.

© 2020 Ernst & Young Australia. All Rights Reserved.