On-demand consulting and business talent platform
Senior Security Engineer
Expert360 is one of Australia's fastest growing startups, reinventing the way we work. We empower organisations to build, scale, and manage flexible, on-demand workforces across tens of thousands of projects. We are at the forefront of the collaborative economy, and the most profound change in the way we work since the industrial revolution.
Not only were we named number 2 in LinkedIn’s list of top startups for attracting talent, we were also voted by the Australian Financial Review as one of Australia's most innovative tech startups.
There are few opportunities in your career to join a high growth start up. This is one of them. We have an amazing team, a great brand, global clients, and we’re just getting started. We are small enough that everyone matters, and your work will have a direct impact on our next stage of growth by enabling strategic deals with large, security-conscious organisations.
We’re looking for an articulate, collaborative, and self-motivated person who is keen to take the next step in their career. Our ideal candidate will be able to apply their in-depth knowledge of information security management best-practices to secure our systems and processes, and guide us towards internationally-recognised security certifications.
This will largely involve defining and implementing security policies and procedures and educating internal and external stakeholders to drive compliance across the business; you’ll play a significant role in ensuring the protection of our clients, users and staff.
- Define, disseminate, and enforce Information Security policies, standards, and procedures
- Design, develop, and implement effective security controls for systems, services and accounts
- Increase security awareness across the company through communication and training
- Proactively identify operational security risks, providing guidance for mitigation activities
- Manage security and access requests in an auditable manner, with regular access reviews
- Oversee security incident response, including necessary protective or corrective measures
- Coordinate external penetration testing activities, and assessment of remediation requirements
- Perform internal vulnerability testing, coordinating remediation tasks with engineering team
- Collaborate with Site Reliability Engineers to develop and validate Disaster Recovery plans
- Maintain and promote awareness of emerging security threats and vulnerabilities
- Engage with external auditors to demonstrate compliance with our Information Security Program
- Experience in a similar role or related discipline (systems or network administration, operations, risk management, security engineering, etc.)
- Knowledge of security controls associated with firewalls, email, web, endpoints, operating systems (Windows, MacOS, and Linux), intrusion detection/prevention, and networks
- Demonstrable experience with information security management and compliance frameworks such as EU GDPR, ISO 27001, SOC2, PCI DSS, or HIPAA
- Ability to communicate security concepts and threats to technical and non-technical audiences, across all levels of the organisation
- Keen lateral and critical thinking skills, to identify and prioritize risks and their mitigations
Desirable Skills (not a deal-breaker)
- Good understanding of public cloud platforms and technologies, such as AWS and Kubernetes
- Experience implementing policies, procedures, and controls from the ground-up, to achieve industry-recognised information security certification
- Security accreditations (CISM, CISSP, GSEC, CompTIA Security+, etc.) are highly regarded
- Passion for automating repetitive tasks through scripting (e.g. Python, Bash, PowerShell, etc.)
Life at Expert360
We are an equal opportunity employer and value diversity at our company. No matter where you are from or what you believe in, we simply ask that you are committed to your role, your colleagues and your work.
We have a flexible working environment, including the ability to work from home and remotely. We give our team opportunities to attend conferences and undertake further training and personal development.
We believe in sustainable pace and that the best results come from teams that are happy, motivated and have a great work-life balance. We work hard, but we also have great times together.
To start this exciting journey, please submit your CV and apply online.
Expert360 at a glance
Expert360 focuses on Enterprise Software, Marketplaces, Consulting, and Small and Medium Businesses. Their company has offices in San Francisco and Sydney. They have a mid-size team that's between 51-200 employees. To date, Expert360 has raised $15.271M of funding; their latest round was closed on May 2015.