The Berlin Summit agenda is live featuring 100+ sessions covering 35+ open source projects.      Check out the full agenda

OpenStack Job Board

Published on January 18
Cloud Security and Compliance Officer

Vault Systems

Canberra, ACT, AU

Vault Systems is seeking a Cloud Security and Compliance Officer, an experienced cyber security professional with strong understanding of risk, compliance and ability to define and operationalize cybersecurity processes.

Role Highlights

  • Unique opportunity to join a growing leader of cloud technology.

  • We hire great people and give them the freedom to be awesome.

  • Outstanding opportunity for career growth.

About Vault Systems

Vault Systems is a rapidly growing Australian company that is dedicated to providing highly secure cloud services to the Australian Government and its partners.

The Role

The Cloud Security and Compliance Officer is responsible for  ensuring that the Vault Systems cloud complies with government security requirements at all times. You will be actively looking for potential security issues across all systems and analyse any security incidents, providing a compliant path to implementing a solution to the other teams.

A successful Cloud Security and Compliance Officer needs to have critical thinking and problem-solving skills. They have to have a real thirst for knowledge and be effective at navigating complex issues and staying on top of new regulations.

Job Tasks and Responsibilities

The duties and tasks are varied and complex needing independent judgement. Below you will find a list of some of the key duties and responsibilities:

  • Use the monitoring data from Cloud Operations team to analyse potential breaches, work with other teams on solutions.

  • Continuously review defined security controls and ensure compliance company wide.

  • Automate above two points as much as possible using CI and other tools.

  • Providing guidance on the techniques, principles and theories pertaining to providing security and protection to IT resources, including knowledge of policies, guidelines and procedures involved with the protection of hardware, software and services.

  • Implementing policies and solutions that fall within the Federal Enterprise Security Architecture framework and effectively integrate program elements such as cyber security, and project management.

  • Applying auditing techniques for identifying problems; responding to data calls by gathering and analysing pertinent information, forming conclusions, developing solutions and implementing plans consistent with the department’s management goals.

  • Conduct regular internal security audits and hold staff security meetings.

Skills and Experience

Below is a list of the required experience, skills and qualifications that will allow you to be successful in this role.

Essential:

  • Skills to actively check for security issues through code review, vulnerability testing and manual probing of Linux and Windows systems and network equipment. Read code written in python, bash and PowerShell.

  • Administration knowledge of Linux-based HIDS, log analysers (Elastic/Kibana), virus scanners and application whitelisting (SELinux, AppArmor).

  • Experience in making complex Linux-based clouds compliant with ASD requirements.

  • Automating as many of the job-related tasks as possible.

  • Familiarity with federal data classification standards and their associated implications.

  • Bachelor degree in Computer Science (or related degree and professional experience).

Desirable:

 

  • ASD Information Security Manual implementation knowledge.

  • Experience with IRAP assessment process.

  • Fortigate (FortiOS) Firewall.

  • Windows CIS Compliance Audit Policies.

  • Other skills include:

  • Exceptional communication skills both written and verbal.

  • Ability to think strategically and execute quality output.

  • Proven success in contributing to a team-oriented environment.

  • Strong problem solving and troubleshooting skills.

  • Experience researching, developing and applying new methodologies and technologies.

  • Strong understanding of industry-leading practices in information security, compliance and risk management.

How To Apply

 

If you are looking for an opportunity to add value to a fast-growing Australian company, please submit your resume along with your cover letter (no more than two pages) to [email protected]