Cloud SecOps Engineer

Job details

Posted
14 February 2025
Salary
AU$180000 - AU$210000 per annum
Location
Sydney CBD
Job type
Permanent
Discipline
IT General
Reference
268451

Job description

Open for Australia based candidates!

About the role

The Cloud SecOps Engineer is responsible for strengthening, managing, and optimizing the AWS cloud environment by deploying security controls, administering security tools, and embedding automation into DevSecOps processes. This role is part of the Platform Engineering Team, which designs and maintains the AWS landing zone and core cloud toolchains, including Prisma CNAPP, GitLab, Terraform, Vault, and Nexus.



Key Responsibilities:

  • Oversee the configuration, integration, and management of Palo Alto Prisma for Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWPP), and Cloud Infrastructure Entitlement Management (CIEM) to uphold security best practices.
  • Automate security monitoring and remediation workflows utilizing Prisma, AWS Security Hub, and GuardDuty.
  • Implement and enforce security settings for AWS IAM, VPC security, encryption (KMS), secrets management (HashiCorp Vault), privileged access management (Delinea), and logging (CloudTrail, CloudWatch, SIEM integration with Exabeam).
  • Ensure security standards are met in Terraform and CloudFormation templates, conducting regular reviews and enforcement.
  • Develop automated pre-deployment security validation for infrastructure-as-code (IaC) to identify misconfigurations and vulnerabilities.
  • Manage SAST/SCA tools to detect vulnerabilities in third-party dependencies.
  • Integrate container image security scanning within the CI/CD pipeline using Prisma.
  • Support incident response automation and execution of security playbooks.



Required Skills and Experience

  • 5+ years of experience in IT security, with at least 3+ years specializing in AWS cloud security.
  • Practical experience in configuring and managing Prisma CNAPP.
  • Expertise in AWS security services, such as IAM, Security Hub, GuardDuty, KMS, SCPs, and VPC security.
  • Strong hands-on knowledge of DevSecOps toolchains, including GitLab, Terraform, CloudFormation, and Nexus.
  • Deep understanding of infrastructure-as-code security (Terraform, CloudFormation) and policy-as-code enforcement (e.g., Sentinel, OPA, Checkov, Conftest).
  • Experience integrating security tools (SAST, SCA, container security scanning) within CI/CD pipelines (GitLab, Terraform).
  • Proficiency in security monitoring, vulnerability management, incident response, and a solid grasp of ITIL service management principles.
  • Experience working with SIEM solutions (Exabeam), privileged access management (Delinea), and key management (HashiCorp Vault).
  • Strong collaboration and communication skills, with the ability to work effectively alongside DevOps, cloud, and security teams.



Benefits

  • Supportive and diverse workplace culture
  • Professional Team Environment
  • Opportunities for career development




Job Reference # 268451

To be considered for the role click the 'apply' button or for more information about this and other opportunities please contact Aditi Yadav on 02 9464 5530 or email: [email protected] and quote the above job reference number.

Paxus values diversity and welcomes applications from Indigenous Australians, people from diverse cultural and linguistic backgrounds and people living with a disability. If you require an adjustment to the recruitment process, including the application form in an alternate format, please contact me on the above contact details.