Senior Cyber Security Engineer
Australian Payments Plus
Posted: April 16, 2026
Quick Summary
We are looking for a Senior Cyber Security Engineer to design, build and operate our secure payment infrastructure.
Job Description
The Game Changers:
Australian Payments Plus (AP+) is here to shape the future of payments for Australia. We aim to deliver more innovation to Australia’s payments ecosystem, for the collective benefit of Australian businesses, government and consumers.
Our solutions include Australia’s domestic debit network, real-time, data-rich payments infrastructure, secure bill payments, digital identity verification, QR payments and experiences and open wallet solutions. It’s a new chapter with more possibilities.
The Purpose
The purpose of this role is to lead the design, build and operation of enterprise security controls and platforms that protect AP+ payments services across cloud and on-prem. Act as the technical escalation point, set platform roadmaps, mentor engineers, and drive measurable risk reduction through secure-by-design engineering, automation, and high-quality detection and response.
Key Outcomes the Role Owns:
• Lead security architecture & engineering; define reference patterns and guardrails across cloud, network, endpoints and applications.
• Own platform roadmaps & lifecycle for EDR/XDR, SIEM/SOAR, vulnerability management, secrets/PKI/KMS, PAM/IAM, SASE; manage vendors/MSSPs.
• Set detection engineering roadmap; build high-fidelity use cases and SOAR playbooks; track precision/recall and dwell-time.
• Support major incident response; coordinate cross-team actions, drive RCA and hardening.
• Drive exposure & vulnerability management; risk-based prioritisation, SLA enforcement, and exception governance.
• Champion DevSecOps; secure CI/CD and IaC; harden containers/Kubernetes.
• Strengthen identity & access security; define PAM/JIT/JEA standards; automate joiner/mover/leaver.
• Assure compliance; map/evidence controls to ISO 27001, ASD Essential Eight, PCI DSS, APRA CPS 234; audit readiness.
• Provide security design reviews; sign-off on high-risk designs and advise senior stakeholders.
• Scale via automation and mentorship; deliver reusable modules/policies (Terraform, Python/PowerShell) and uplift engineers.
You bring:
• Degree in Computer Science/Information Security or equivalent experience.
• Certifications valued: CISSP/CCSP/SSCP, SANS (e.g., GCIA/GCIH/GCFA), OSCP, AWS/Azure Security.
• 5–7+ years security engineering in financial/critical infrastructure or enterprise environments.
• Led design/operation of security platforms at scale (EDR/XDR, SIEM/SOAR, vulnerability management, PAM, PKI/KMS, secrets).
• Built detections/playbooks; led major incidents and post-incident hardening.
• Deep cloud security (AWS/Azure), containers/K8s, encryption, logging/telemetry.
• DevSecOps & IaC leadership (CI/CD, Terraform), SAST/DAST/SCA, policy-as-code; automation with Python/PowerShell/Bash & Git.
• Strong stakeholder influence, vendor/MSSP management, and mentoring.
• Frameworks: ISO 27001/2, ASD Essential Eight, NIST CSF/800-53, PCI DSS, APRA CPS 234.
• Identity security (Entra ID/SSO/OIDC/SAML, MFA, conditional access, RBAC/ABAC/JIT/JEA) and crypto fundamentals.
• MITRE ATT&CK, detection engineering, logging normalisation; risk-based vuln/patch mgmt.
• Secure SDLC and threat modelling for distributed, cloud-native systems.
What happens next:
At AP+, we believe in the power of passion, pride, and purpose. Our team is driven by a shared mission to make a difference in the world of payments, and we're proud to work together towards this common goal.
If you’re ready to be a game changer, please submit your application. The Talent Acquisition team will endeavour to review your application and notify you of the outcome within the next two weeks.
We want to remove all barriers to inclusion so if you need advice or support with your application, we’re here to help. Please reach out to [email protected]. We also encourage you to let us know your pronouns at any point during the recruitment process.
AP+ are not partnering with recruitment agencies for this role.