Senior Security Engineer
- Sydney
- Permanent
- Permanent IT
- CTd17-1638031
- 17/12/2025
$200K–$210K base + superannuation
Permanent full time
Hybrid – 2 days in the office, 3 days working from home
- Office location: North Sydney NSW 2060
- Company size: ~120 employees
- IT team size: ~75
- Cyber Security team: Greenfield (this role will help establish and shape security capability)
In this role, you’ll design and implement secure architectures across applications, APIs, and cloud environments, working closely with engineering, DevOps, product, and compliance teams. You’ll embed security into the SDLC, lead threat modelling and risk assessments, and drive best-practice security controls aligned to frameworks such as ISO 27001, SOC 2, HIPAA, Essential Eight, and GDPR.
You’ll also play a key role in monitoring, detection, and incident response—designing and tuning security monitoring solutions, leading investigations, and overseeing vulnerability management and penetration testing. Beyond technical delivery, you’ll act as a security champion, mentoring teams, influencing secure design decisions, and communicating risks clearly to both technical and non-technical stakeholders.
What we’re looking for
- 4+ years of experience in security engineering, cybersecurity, or a related field
- Deep knowledge of application, network, and cloud security principles, especially in healthcare or regulated industries
- Proven experience designing and securing cloud-native architectures (AWS, GCP, or Azure) and containerised environments
- Strong knowledge of Kubernetes security (RBAC, network policies, secrets)
- Strong knowledge of healthcare compliance frameworks such as HIPAA, ISO 27001, SOC 2, and Essential Eight, with hands-on experience using SIEM, IDS/IPS, vulnerability scanners, WAFs, penetration testing tools, and endpoint security platforms
- Proven experience in security testing methodologies (SAST, DAST, penetration testing)
- Proficiency in one or more programming or scripting languages (Python, Java, TypeScript…)
- Excellent communication and collaboration skills, with the ability to work across technical and non-technical teams
- Relevant certifications (CISSP, CISM, OSCP, AWS Security Specialty, CEH, CKS, AWS Certified Security) are highly regarded
- Familiarity with privacy-enhancing technologies and patient consent management systems
- Work on meaningful technology that directly impacts healthcare outcomes
- Collaborate with highly skilled engineering and product teams
- Influence security strategy and architecture at an enterprise scale
- Hybrid working model (Sydney office, 2 days per week onsite)
Candidates must have full Australian working rights.
Certus Recruitment Group is a well-established and experienced specialist consultancy providing sales, marketing, and IT recruitment services. We serve the technology sector across Australia, North America, the UK, and Europe.
