Senior Cloud & Application Security Engineer6 days ago Be among the first 25 applicantsCompany DescriptionFor a winning team that is evolving. Forward with Cuscal.At Cuscal, youll find a strong, successful company thats reimagining the future. Here, youll deliver or support interesting, ground-breaking projects that have real impact - on Australias financial services sector and the millions of customers it serves. Youll innovate alongside skilled, smart, connected teams. As the largest independent payment solution provider, weve set the standard for over 50 years. Now, were preparing to pioneer the next 50.Job DescriptionWe are looking for a Senior Cloud & Application Security Engineer to design, implement and manage security controls across cloud environments and applications, protecting Cuscals payments and data services.What is this role about?As the Senior Cloud & Application Security Engineer, youll play a key part in securing cloud-native workloads, integrating security into the software development lifecycle (SDLC), and ensuring compliance with regulatory and industry security standards. The role will work closely with development, DevOps, and infrastructure teams to embed security best practices and drive continuous security improvements across cloud and application landscapes.Heres some more insight into what youll work on:Cloud Security Architecture:Design and implement security solutions for cloud-native and hybrid-cloud environments.Develop and enforce security architecture patterns, controls, and automation within cloud services and infrastructure as code (IaC).Configure and manage cloud security services such as identity and access management (IAM), encryption, logging, and monitoring.Application Security & DevSecOps:Embed security within the SDLC through secure coding practices, automated security testing, and CI/CD pipeline integrations.Conduct static (SAST) and dynamic (DAST) application security testing, container security scanning, and API security assessments.Threat & Vulnerability Management:Identify and mitigate security risks in cloud and application environments through threat modelling, penetration testing, and vulnerability assessments.Implement and maintain security controls to defend against cloud and application-specific attack vectors.Support incident response by analysing cloud and application security events and recommending mitigations.Develop and maintain incident response playbooks specifically focused on data breaches and protection failures.Security Tooling & Automation:Implement and maintain security tools such as Cloud Security Posture Management (CSPM).Develop security automation using scripting (Python, PowerShell) and cloud-native security services.Enhance visibility and detection capabilities by integrating cloud security logs into SIEM solutions.QualificationsWhat can you bring?7+ years in cybersecurity, with a focus on cloud security, application security, and DevSecOps.Strong experience securing workloads in AWS, Azure, or GCP, with expertise in IAM, encryption, logging, and cloud security best practices.Hands-on experience with CI/CD pipeline security, SAST/DAST tools, API security, and container security (Docker, Kubernetes).Expertise in securing web applications, microservices, and APIs against OWASP Top 10 threats.Experience with infrastructure as code (Terraform, CloudFormation, Ansible) and security automation.Familiarity with cloud security frameworks such as CIS Benchmarks, NIST CSF, and CSA Cloud Controls Matrix.Strong understanding of threat modelling, vulnerability management, and security testing.Experience integrating cloud security logs with SIEM tools like Splunk or Sentinel.Proven experience leading high-severity incident responses in a fast-paced environment.Although not required, any experience in the following would be highly regarded:Payments industry, ATM/EFT/POS technology, cards and finance or other regulated industries and/or 24x7 mission-critical environments.Knowledge of security frameworks and standards such as ISO 27001, NIST, CPS234, ASD Essential 8 etc.Understanding of legal, regulatory, privacy and security matters associated with the Banking and Finance Industry.Additional InformationWhy Cuscal?We are in the rapidly evolving world of payments, and we are committed to providing a diverse and inclusive workplace where the very best talent in Australia chooses to work. We support our colleagues with flexible work arrangements through our hybrid model whilst also offering a wide range of educational, financial, lifestyle, health & wellbeing benefits.Next StepsIf you think this role is the right fit for you, we invite you to apply. Lets explore who you are and what drives you. Wed love to share our vision for the future of the payments sector. Please note candidate screening and interviews may be conducted prior to the closing date of the job advert. #J-18808-Ljbffr
Job Title
Consultant Solicitor