Senior Cloud Security Engineer

Summary

Join Zeller, a fast-growing Australian scale-up reimagining business banking and payments, as a Senior Cloud Security Engineer or Cloud Security Architect. You will play a pivotal role in enhancing AWS infrastructure security. Responsibilities include conducting security assessments, penetration testing, implementing security solutions, and collaborating with cross-functional teams. The ideal candidate possesses extensive experience in cloud security, penetration testing tools, and AWS environments. This fully remote role offers competitive remuneration, excellent parental leave, and numerous professional development opportunities within a supportive and dynamic work environment.

Requirements

• Proven experience as a Senior Cloud Security Engineer, Cloud Security Architect, or a related role with a strong focus on penetration testing in AWS environments
• Hands-on experience with penetration testing tools and frameworks, such as Kali Linux, Burp Suite, Metasploit, and Nessus, specifically applied to AWS environments
• Strong understanding of common web application vulnerabilities (e.g., OWASP Top 10), network protocols, and security technologies
• Familiarity with security frameworks and standards, such as NIST Cybersecurity Framework and PCI DSS, as applied to AWS environments
• Strong understanding of penetration testing methodologies, tools, and frameworks
• Proficiency in using various security tools, including but not limited to Burp Suite, Metasploit, Nmap, Nessus, Wireshark, etc
• Knowledge of web application security, mobile application security, network security, and secure coding practices
• Demonstrated analytical and problem-solving skills, with the ability to assess risks and recommend appropriate security controls
• Excellent communication and collaboration skills, with the ability to work effectively across cross-functional teams and present complex security concepts to non-technical stakeholders

Responsibilities

• Conduct security assessments, including penetration testing, vulnerability assessments, and security audits, to identify security vulnerabilities in web applications, networks, systems, and infrastructure
• Perform penetration tests on web applications, mobile applications, APIs, and network infrastructure to identify vulnerabilities such as SQL injection, XSS, CSRF, and other security issues
• Utilize automated tools and manual techniques to assess security risks and exploit vulnerabilities, simulating real-world cyber-attacks
• Develop and execute advanced penetration testing plans, encompassing scoping, reconnaissance, exploitation, and thorough reporting
• Collaborate closely with development and operations teams to address security vulnerabilities and provide expert recommendations for effective mitigation strategies
• Implement pattern identification and behaviour analysis mechanisms to detect and respond to anomalous activities across the infrastructure
• Stay updated with the latest AWS security threats, vulnerabilities, and best practices, and proactively implement necessary countermeasures to enhance security posture
• Collaborate with cross-functional teams to establish and enhance incident response plans and actively participate in security incident investigations and resolution
• Provide expert guidance and support to other teams, advising on secure AWS development practices, security guidelines, and threat mitigation techniques
• Document sophisticated security processes, procedures, and guidelines, contributing to the development of comprehensive security policies and standards specific to AWS

Preferred Qualifications

• AWS Certified Security - Specialty or higher certification
• Experience in working within a high-growth environment
• Security professional certifications (CISSP, CEH, OSCP etc.)
• Experience in other cloud platforms (Azure, Google)
• Experience in payments
• Experience with PCI compliant environments (PCI-DSS, etc)

Benefits

• Competitive remuneration
• A balanced, progressive, and supportive work environment
• Excellent parental leave and other leave entitlements
• Fully remote role
• Annual get together with the team
• Endless learning and development opportunities
• Plenty of remote friendly fun and social opportunities
• An ability to influence and shape the future of Zeller as our company scales both domestically and globally
• Being part of one of Australia’s most exciting scale-ups