Engineer - Cyber Defence - Vulnerability Services
First a bit about ANZ
At ANZ, everything we do boils down to ‘why’ – our purpose – to shape a world where people and communities thrive. We're just as focused on seeing our people thrive as well as our customers. We'll give you every opportunity to develop your career.
We are responding faster to changing customer requirements, focusing on the things that matter the most, energising our people, eliminating waste and reducing bureaucracy.
ANZ has started to move to a new way of working, leveraging agile practices. To understand more about this new way of working and if this role is right for you, we strongly encourage you to take a look at The ANZ Way vimeo channel where you’ll find The ANZ Way animation and the New Ways of Working animation. Your team’s mission?
threats by identifying, cataloguing and communicating vulnerabilities. Cyber Defence is uplifting and enhancing its Vulnerability Services to ensure clear situational awareness for platform owners around vulnerabilities present in their operational environment. This squad provides timely reports of identified vulnerabilities, have extensive coverage of the ANZ operating environment and ensure platform owners are managing vulnerabilities in-line with compliance obligations.
As an Engineer
in Vulnerability Services squad, you will drive ANZ's information security efforts by providing vulnerability scanning services across the enterprise level infrastructure systems. In addition, this role will also help to automate vulnerability scanning services and maintain the toolset/platform so that it is up-to-date with versions and patch levels and also is scalable enterprise wide. What you bring to the Vulnerability Services Squad?
- Minimum five years of experience in performing enterprise level vulnerability scanning services of IT systems
- Strong communication and presentation skills
- A desire to continuously learn new techniques / technologies and bring innovative ideas into the squad
- Provide vulnerability assessment services across the enterprise IT systems including identifying the in-scope systems, configuring the scanning tool, initiating the scanning activity, triaging the scan results and reporting the vulnerabilities
- Experience in the usage of Tenable/Tripwire IP360/Qualys toolset for vulnerability scanning activity covering various IT systems and hybrid environments including internal and Internet facing systems, servers, devices, containers, cloud environment
- Assist in vulnerability prioritisation and provide remediation guidance to the concerned team
- Experience in the integration and automation of vulnerability scanning tools and processes at an enterprise level
- Maintain vulnerability scanning toolset (Tenable/Tripwire IP360/Qualys/similar toolset) deployed enterprise wide
At ANZ we aim to create an inclusive environment where employee differences such as gender, age, culture, disability, sexual orientation, family and caring responsibilities and religion are valued and supported. We work flexibly at ANZ. Talk to us and let us know how this role can be flexible for you.
- Execution of compliance driven vulnerability-scanning exercise at enterprise level (example: PCI scanning).
- Assist, define, implement, operate and continuously improve vulnerability scanning processes and operational procedures
- Integration of vulnerability scanning toolset with enterprise reporting tools such as Tableau, QlikView