"Specialist II, Security Engineering"

Job Description:

• Employment Type: full time continuing role
• Specialist II, Security Engineering within our Cyber Security Engineering team
• Starting Salary $127351-143489 plus generous superannuation and leave loading
• Location: Kensington campus in NSW (Hybrid Flexible Working) 2-3 days in the office

About UNSW:

UNSW isn’t like other places you’ve worked. Yes, we’re a large organization with a diverse and talented community, a community doing extraordinary things. Together, we are driven to be thoughtful, practical, and purposeful in all we do. Taking this combined approach is what makes our work matter. If you want a career where you can thrive, be challenged and do meaningful work, you’re in the right place.

Specialist II, Security Engineering is a key position in the Cyber Security Engineering team, responsible for the implementation, configuration, automation, and support of cyber security services across on-premises, public, and hybrid cloud environments. This includes integrating security controls into CI/CD pipelines, leveraging Infrastructure-as-Code (IaC), and orchestrating workflows.

The role will be responsible for protecting the Universities infrastructure, network, applications and data working closely with our MSSP’s, technology partners, and internal teams to ensure swift and effective responses to emerging threats.

The role reports to the Manager, Security Engineering and has no direct reports.

Specific accountabilities for this role include:

• Lead the WAF adoption journey, working closely with web application teams to understand application architecture, threat models, and traffic patterns. The candidate will be responsible for designing tailored WAF deployment plans, aligning with business and security requirements, and executing end-to-end onboarding workflows. Key responsibilities include:
  • Leading WAF integration efforts for new and existing applications.
  • Collaborating with development and DevOps teams to ensure seamless WAF enablement.
  • Designing and implementing custom WAF rulesets and automation pipelines.
  • Driving continuous improvement in WAF coverage, performance, and threat detection.
  • Providing technical guidance and mentorship to other engineers and stakeholders.
• Support the CI/CD pipeline following an Infrastructure-as-Code approach to automate security testing and manage security services
• Manage security controls in accordance with documented designs to ensure reliability, availability, and security across environments.
• Collaborate with key stakeholders to integrate security controls across IT specialist areas including architecture, networks, and application teams.
• Implement, configure, upgrade, and optimise security services and technologies hosted on-premises and in public cloud (IaaS, PaaS, SaaS).
• Monitor and respond to operational alerts and incidents impacting security services in partnership with UNSW IT, faculties, divisions, external partners, and other stakeholders as required.
• Document and review operation procedures, technical standards, service management plans, processes, designs, knowledge base articles and other documentation as required
• Providing technical guidance and mentorship to junior engineers and cross-functional teams.
• You will be required to participate in a rotating on-call roster.
• Align with and actively demonstrate the UNSW Values in Action: Our Behaviours and the UNSW Code of Conduct.
• Cooperate with all health and safety policies and procedures of the university and take all reasonable care to ensure that your actions or omissions do not impact on the psychosocial or physical health and safety of yourself or others.
• Ensure hazards and risks psychosocial and physical are identified and controlled for tasks, projects, and activities that pose a health and safety risk within your area of responsibility.

Who you are:

• A relevant tertiary qualification with subsequent extensive experience or equivalent competence gained through any combination of education, training, and experience.
• Minimum five years of combined industry experience in any of the following areas: security operations, software development, DevOps, infrastructure automation, or cloud engineering.
• Demonstrated experience in managing and configuring cloud native security services across cloud environments such as Amazon Web Services (AWS), Microsoft Azure, and Microsoft 365 to secure cloud infrastructure and hosted enterprise applications.
• Develop and maintain scalable security services using Terraform and modern DevOps tooling to improve CI/CD pipelines by reducing deployment friction and increasing engineering efficiency and visibility. Strong knowledge of Python, shell scripting, and REST API integration is required for automating security services.
• Extensive experience in configuring cloud-native web application firewall security services on AWS and Cloudflare, with a proven ability to lead web application firewall onboarding and adoption for applications primarily hosted in Azure and datacentre environments, by collaborating with web application teams to understand design, develop tailored deployment plans, and execute end-to-end web application firewall enablement.
• Be passionate about security, automation, quality, and reliability
• CISSP and CCSP certifications are highly desirable but not required.
• Strong written and verbal communication skills, with a high level of attention to detail for deliverables produced.
• Strong analytical and problem-solving skills and proven capacity to exercise initiative, flexibility and to be proactive in development of robust solutions to problems.
• An understanding of and commitment to UNSW’s aims, objectives and values in action, together with relevant policies and guidelines.

Benefits and Culture

• Flexible Working Options (work from home, flexible hours etc)
• Career development opportunities
• 17% Superannuation contributions and additional leave loading payments
• Additional 3 days of leave over Christmas period
• Discounts and entitlements (retail, education, fitness)

For further details on the benefits, please visit https://www.jobs.unsw.edu.au/lifestyle-benefits

How to Apply:

please apply through the portal, we would like you to submit a full application including resume and addressing the who you are section.

Applications close:

Tuesday 3rd of March at 11.30pm

Pre-Employment Checks

Aligned with UNSW’s focus on cultivating a workplace defined by safety, ethical conduct, and strong integrity preferred candidates will be required to participate in a combination of pre-employment checks relevant to the role they have applied for.

These pre-employment checks may include a combination of some of the following checks:-

• National and International Criminal history checks
• Entitlement to work and ID checks
• Working With Children Checks
• Completion of a Gender-Based Violence Prevention Declaration
• Verification of relevant qualifications
• Verification of relevant professional membership
• Employment history and reference checks
• Financial responsibility assessments/checks.
• Medical Checks and Assessments

Compliance with the necessary combination of these checks is a condition of employment at UNSW.

Get in Touch:

Jen MacLachlan
j.maclachlan@unsw.edu.au
Talent Acquisition Partner – UNSW IT

Please apply through the application portal and not via the contact above.

UNSW is committed to equity diversity and inclusion. Applications from women, people of culturally and linguistically diverse backgrounds, those living with disabilities, members of the LGBTIQ+ community; and people of Aboriginal and Torres Strait Islander descent, are encouraged. UNSW provides workplace adjustments for people with disability, and access to flexible work options for eligible staff. The University reserves the right not to proceed with any appointment.