Cyber Security Engineer

# ASX: Powering Australia's financial markets # When you join ASX, you're joining a company with a strong purpose - to power a stronger economic future by enabling a fair and dynamic marketplace for all.In your new role, you'll be part of a leading global securities exchange with a strong brand. We are known for being a trusted market operator and an exciting data hub.Want to know why we are a great place to work, click on the link to learn more. We are more than a securities exchange! The ASX team brings together talented people from a diverse range of disciplines.We run critical market infrastructure, with 1 in 3 people employed within technology. Yet we have a unique complexity of roles across a range of disciplines such as operations, program delivery, financial products, investor engagement, risk and compliance.We're proud to foster a workplace where diversity is celebrated and inclusion is part of our everyday culture. Our employee-led networks champion LGBTIQ+ inclusion, promote gender equality, accessibility and wellbeing, inspire giving and volunteering, and celebrate cultural and religious events, creating a sense of belonging for all. As an AWEI Bronze employer and member of the Champions of Change Coalition for gender equality, we're committed to a fair and inclusive workplace where everyone can thrive.The Security Operations Centre is responsible for security monitoring, incident response and computer forensics across the ASX environment. We also conduct maintain a number of enterprise security controls/tooling and conduct regular security testing including vulnerability scanning, phishing simulations and red and purple team testing. Your responsibilities: Maintenance of security tools and controls such as EDR, SIEM, proxy, email gateway, vulnerability scanning, application control and WAF Manage the configuration of key security tools to ensure they are operationally optimised. Tools include EDR,SIEM, proxy WAF, application control etc. Improve the security posture of the ASX environment by building/implementing new controls and enhancing existing controls Create new detections in the relevant security tools to meet the demands of an evolving threat landscape Automate cyber security tasks such as the collection of artefacts, integration of threat intelligence etc Assist in the response to significant security incidents (in conjunction with support teams) End to end management of issues identified during security testing Assist in the preparation of management, Board and Regulatory reporting Assist in security training and awareness of ASX staff Enhance and manage the security documentation suite (e.g. policies, procedures, metrics, use cases and reporting) as it relates to the exchange Cyber Security Centre Performance and management of data and threat risk assessments Liaise with internal and external assurance functions as required Your experience and qualifications Must have skills: Worked at a senior level within a security operations centre environment Hands on practical knowledge of Kubernetes technologies like GKE, EKS and Helm. In-depth knowledge of Elasticsearch SIEM using ECK. Extensive knowledge of building and maintaining scalable big data pipelines, like Kafka, Vector and OTEL. Experience with Terraform, Ansible or any other IaC services. Proficient with a programming language (Python). Exposure to industry standard security frameworks (e.g. NIST, ASD, Swift CSP) Assessment and investigation of security alerts (e.g. SIEM alerts, phishing emails etc.) Exposure to security tools configuration management (e.g. SIEM, EDR, TIP, Email Security, Proxy etc) Familiarity with operating systems including Windows, Linux, VMS; and platforms such as, Active Directory, Exchange, SQL, Familiarity with cloud platforms such as GCP and AWS. Development of security related documentation (policies, procedures, standards Process risk and control mapping techniques Exposure to the performance of penetration testing and vulnerability scanning Nice to have: IT degree with a focus on IT Security. Certifications such as GCFA, GCFR, GCTI, GCIH. Understanding of current Australian regulatory environment (as it relates to financial services / clearing and settlement providers) and related implications to identity management and security/audit compliance (Neo)Vim user LFS, Gentoo or Arch BTW Rewrite code in rustWe make hiring decisions based on your skills, capabilities and experience, and how you'll help us to live our values. We encourage you to apply even if you don't meet all the criteria of this role. If you need any adjustments during the application or interview process to help you present your best self, please let us know.At ASX Group, our diverse workforce is essential to build and maintain a fair and dynamic marketplace. We support flexible working and offer hybrid working options. Even if our roles are advertised as full-time, we encourage you to apply if you are interested in part-time or other flexible working arrangements.We will arrange for successful candidates to have background checks, including reference and police checks completed as part of the on-boarding process.When you join ASX, you'll be joining a dynamic global leader with a record of innovation and a reputation for integrity, transparency and professionalism. You'll also enjoy an impressive range of employee benefits and a flexible working environment underpinned by a friendly and collaborative culture.