Apply now »

Cyber Security Senior Analyst (Design & Assurance)

Date:  3 Jun 2025
Location: 

SYDNEY, NSW, AU, 2000 DOCKLANDS, VIC, AU, 3008

Employment Type:  Permanent Full Time

The opportunity to join our team

 

We have an opportunity for a Cyber Security Design & Assurance Senior Analyst to join our talented Cyber Security team! We are looking for an individual that has experience in either the Threat and Vulnerability Management or DevSecOps Domain so as to ensure the organisation maintains a “Shift -Left” approach to maintaining a strong security posture and minimises its exposure to potential Cyber attacks.In this role, you’ll have the opportunity to work within either the Threat and Vulnerability Management OR DevSecOps team allowing you to deepen your expertise by supporting our team’s functions and Cyber security strategy.

 

Key Responsibilities:

 

Supporting our Threat and Vulnerability Management or DevSecOps team with a number of activities including:

  • Threat and Vulnerability Management:
    • Support the Vulnerability Management Operating Framework and the Continuous Threat and Exposure Management (CTEM) Strategy through establishing processes for vulnerability scanning, assessment, prioritisation, remediation, and reporting.
    • Collaborate with technology owners and business stakeholders to develop and implement risk-based remediation plans for identified vulnerabilities. Balance the urgency of remediation activities with the potential impact of vulnerabilities and the feasibility of implementation. Track the progress of remediation efforts and ensure timely closure of vulnerabilities
    • Support the active monitoring and analysis of threat intelligence from various sources to identify emerging threats, attacker tactics, and potential risks relevant to the organisation.
  • DevSecOps
    • Integrate Security into CI/CD: Collaborate with DevOps to seamlessly embed security checks, automated testing, and real-time monitoring into our CI/CD pipelines
    • Promote DevSecOps: Be the advocate for DevSecOps, promoting collaboration between dev, ops, and security teams while offering training on secure coding and security-as-code
    • Support Secure SDLC Governance: Support the Design and execution of Insignia’s Secure DevSecOps Roadmap and SDLC framework.

 

What you will bring to this role

 

We are looking for a seasoned analyst with a strong background in either Threat and Vulnerability Management And/OR DevSecOps.

 

To thrive in this role, you will need to:

  • Have demonstrated technical proficiency in at least one Primary Skillset, ensuring a solid foundation in core security discipline:
      • Vulnerability Management: Operating Tools such as Qualys, Rapid7, or Tenable.
      • DevSecOps:
        • SAST: Experience with tools like SonarQube, Snyk, or Veracode.
        • SCA: Proficiency in platforms like Nexus IQ/Lifecycle, Snyk, or equivalent.
        • Container Security: Tools such as Trivy, Sysdig, Falco, or equivalent.
        • DAST: Familiarity with OWASP Zap or similar solutions.

 

  • Possession of one or more Secondary Skillsets is considered desirable but not essential.
      • DevOps Experience:
        • Software Source Control: Tools like GitHub or GitLab.
        • CI/CD: Platforms such as GitHub Actions, Jenkins, or equivalent.
        • Infrastructure as Code (IaC): Proficiency with Terraform or AWS CloudFormation.
        • Configuration Automation: Tools like Ansible, Puppet, or Chef.
      • Scripting and Automation: Ability to write scripts using Python, Bash, or PowerShell.

 

  • The ability to context switch and demonstrate analytical and problem-solving skills,  to address complex security issues and develop effective solutions.
  • Proven solid understanding of security principles and best practices related to network, cloud, application, and data security.
  • Present excellent written and verbal communication skills, enabling effective collaboration with both technical and non-technical stakeholders.
  • Be familiar with relevant industry standards and frameworks such as NIST, ISO 27001, and OWASP.
  • Hold relevant cyber security certifications (e.g., AWS or GCP cloud certification, Security+, CySA+, CCSP, or similar).

 

Join us and make a significant impact on our organisation's security landscape!


Find the better way

What gets us excited about working here? Helping people feel good about their money as one of Australia’s leading financial wellbeing organisations. From those starting out to those retiring. As your team, we’ll show up for you and together we will create financial wellbeing for every Australian. Because we know people who are confident about their financial future live better lives.

If this sounds like your kind of career, you sound like our kind of person. With us, you’ll do work that builds your technical know-how and challenges our entire industry to move forward. Along the way, you’ll be free to explore new ideas and technology, solve problems in a team, and independently to get great things done. Around here, we like to call it “putting our fingerprints on the future”.

People-inspired tech

Deep expertise combined with creativity can take on the trickiest of problems. Join our team of brilliant minds and mentors as we explore our way to innovation and apply technology in more human ways than ever.

__

 

To Apply

Read more here about why you should join our team.

Applicants will be required to provide evidence of their eligibility to work in Australia, and at a minimum be required to undertake police and basic credit checks as a condition of employment.

 

Please note that applications from agencies will not be considered at this time.

 

We acknowledge and celebrate the richness that individual differences bring to our team. If you need assistance or an adjustment during the application process, please reach out and let us know.

Apply now »