Senior Security Consultant
- Sydney, New South Wales, Australia
- Permanent, Full time
- Macquarie Group
- 25 Sep 16
Senior Security Consultant
About the role
Technology Security, part of COG Technology, defends Macquarie's information. The team ensures all information is adequately protected from inappropriate disclosure, that integrity is maintained and information is available when required.
We are looking to recruit an experienced Senior Technical Security Consultant who will be part of the global Security Consulting team and report to the Head of Security Consulting based in Sydney, Australia. The Consulting team operates as a recoverable business model.
The role will require the successful applicant to deliver company-wide technical security risk assessment and consulting services across business groups, manage the pipeline of work from their client base, operate within a global team, report issues and recommendations for management follow up, and manage client relationships.
- deliver authoritative, practical and responsive consulting services on all aspects of enterprise information security risks to COG Technology.
- provide security consulting services to projects throughout their lifecycles, to help ensure the application and infrastructure solutions being deployed meet appropriate and adequate security standards.
- identify and assess key IT security risks and recommend appropriate and practical treatment plans.
- build and maintain productive, collaborative relationships with stakeholders in COG Technology and the business.
- determine security design issues and drive attack surface analysis and most "at-risk" components.
- detailed knowledge of technical security concepts and their practical application. This knowledge is required across the application, operating system and network layers.
- experience in technical security risk assessment - across enterprise infrastructure, web technology and applications platforms. Note: this is specific technology, rather a technical information security based role.
- understanding of current and emerging security technologies, security threats and trends.
- experience working within DevOps structured teams (including continuous integration and delivery).
- proven practical experience with security across multiple cloud / virtualization environments: AWS, Azure, OpenStack, VMWare etc.
- proven experience with threat modelling and risk analysis.
- technology savvy, with exceptional communication skills, both written and verbal.
- logical thought mindset and experience developing reusable processes / data architecture.
- knowledge of security architecture - across enterprise infrastructure, web technology and applications platforms.
The following characteristics are considered essential for the role
- strong and self-confident, adaptable and flexible - capable dealing effectively with colleagues and business users in a constantly evolving environment.
- ability to gather written and verbal information from multiple sources, assess and consolidate risks, provide appropriate recommendations.
- ability to handle multiple tasks ,prioritise effectively, remain calm under pressure and when faced with adversity or urgent issues
- comfortable working as part of global team across geographies, cultures and time-zones.
- focused on business enablement whilst being able to reach balanced judgements vs. security.
- enthusiastic and creative, an inquisitive nature with an attention to detail, yet able to think outside the box and consider the big picture.
- ability to influence and educate stakeholders and management regarding appropriate security and IT risk management.
Minimum required experience
- significant experience in technical security risk assessment in a consulting capacity.
- proven ability to deliver end to end Information security / risk assessment services.
- excellent analytical and problem-solving skills.
- financial services experience preferred.
- university degree in computer science or engineering, or equivalent.
- technical security certifications including platform/infrastructure-specific certifications, e.g. CISSP, GIAC, CCNA.
- risk management certifications (preferred, not mandatory), e.g. PCI-DSS, CISA, CISM, SABSA.
The Corporate Operations Group (COG) brings together specialist support services including workplace, human resources, market operations and technology. COG's purpose is to drive operational excellence through business-aligned services with a focus on quality, cost and risk. COG comprises the following divisions: Business Improvement and Strategy, Business Services, Human Resources, Market Operations, and Technology.
Find out more about Macquarie careers at www.macquarie.com/careers
Macquarie understands the importance of diversity and inclusion - our long history of success has come from being different. At Macquarie we value the innovation and creativity that diversity of thought brings. The one thing we all have in common is our focus on high performance. If you're capable, motivated and can deliver, we want you on our team.
Advertised: 11 Jul 2016 Aus. Eastern Standard Time