Security Engineering Manager

Will you actively create a healthier future for tomorrow?

At Medibank we’re encouraged to think big. We have a clear purpose to impact better health outcomes for our customers, patients and our community.

We celebrate diversity of thought because we want to make better decisions for our customers. As we work towards our goal of better health for better lives, we value the knowledge and contribution of Aboriginal and Torres Strait Islanders. We are working hard to create an inclusive workplace and develop Indigenous careers.

The Opportunity

At Medibank, we are continuously looking at ways to develop, maintain and support security controls across the organisation which is why we are on the lookout for a technical and analytical Security Engineering Manager who is an inspiring leader, has a curious eye, and is looking to solve complex problems in a challenging environment using state of the art security solutions.

The Security Engineering Manager will be responsible for the management of the IT Security Engineering team in Medibank, along with the processes, and the state-of-the-art technologies owned by the team for all IT Security activities at Medibank.

In this role, your responsibilities will include:

• Manage the Security Engineering team that is responsible for Identify, Protect and Recover NIST functions
• Utilising your extensive knowledge in security technologies, information systems, processes, and procedures, you will play an instrumental role in mentoring and coaching the team
• Assist Security Delivery team in designing, planning, and implementing security solutions for the organization
• Provide support for continuous improvements to the Enterprise SIEM platform for faster detection and response for Security Incidents
• Create SOAR playbooks to automate response to common Security and Infrastructure events
• Be the point of escalation for a 24/7 on-call roster to respond to security and infrastructure events on Medibank systems
• Configure, manage, and use Security tools like Endpoint Protection Platforms, Vulnerability Scanners, Firewalls, SIEM, SOAR, Email Gateway, IAM, etc, and perform continuous improvement to implement better protection policies in the existing security toolset
• Deliver and maintain operating procedures and security controls for compliance against most common security standards and frameworks like PCI-DSS, NIST, etc
• Be the technical expert in the Security Engineering space, providing technical advice to both IT and business stakeholders by utilising internal and external knowledge sources and research capabilities
• Proactive learning of the company network, new security/network technologies and developments, and associated vulnerabilities
• Determine the relevance to Medibank of these technical security influences and trends, utilising them to build new detections, mitigations, and processes to protect Medibank from the next generation threats

Your experience will include:

• Experience in setting up and leading a Security Engineering team starting with hiring, managing performance, provide coaching and mentoring, and ensuring a continuous improvement culture is being inculcated within the team
• 5+ years’ experience in information security or a related field
• Data and risk-driven analytical approach toward solving complex challenges and driving improvements over time
• A passion for information security and a history of contribution to the security community
• Understanding and experience with TCP/IP and networking equipment such as switches, firewalls, and routers
• Hands-on experience managing AWS and Azure environments
• Hands-on experience managing Windows and Linux environments
• Experience with one or more of Python, Perl, Bash, Go, C/C++ and/or Java.
• One or more security-related certifications, such as CISSP, CEH, CISA, CISM, SECURITY+, etc. (Desirable)

A career with us

At Medibank, we believe work is something we do, not somewhere we go. Our modes of working – Collaboration, Connection and Concentration – help inform how your day is structured and where you choose to work will vary, depending on your role and requirements.

The wellbeing of our employees is our priority. We encourage you to talk to us about any adjustments or additional support you may require during the recruitment process, as well as how this role can be flexible for you. Virtual interviews are always on offer and will not adversely impact your application.

We offer a range of great benefits such as subsidised private health insurance, rewards and discounts, and health and wellbeing initiatives. To find out more, click here.

To start small and impact bigger.