Job Type:
Permanent - Full Time
Location:
Sydney office
Job Category:
Shared Services
Join NobleOak as a Cyber Security Specialist, where you’ll play a vital role in protecting our systems and data. In this hands-on role, you’ll be responsible for maintaining and enhancing cyber security tools, responding to incidents, and ensuring our cyber posture aligns with regulatory and internal standards. You’ll also work closely with business teams to advise on cyber risks across projects and initiatives. This role combines technical expertise with compliance awareness and is critical to maintaining the integrity and resilience of our digital environment. The ideal candidate is someone who is happy to help out the wider IT team with application support and expert advice, and to participate in exciting NobleOak projects.
Job Description
Key Accountabilities
Security Operations & Monitoring: Manage daily monitoring of security posture including controls, governance, processes, and frameworks to identify and respond to threats in real time. Possess a deep understanding of application security threats, exploitation techniques, and mitigation strategies.
Incident Response: Lead security investigations, coordinate responses, and document outcomes for future resilience.
Governance & Compliance: Support compliance, assist with audits, and maintain relevant policies and procedures.
Security Assessment: Conduct security assessments across different IT systems, processes, and projects, using both automated and manual methods, to ensure risks are identified and managed across design, implementation, and support.
Third-Party Risk: Conduct cyber risk assessments of vendors and partners, supporting secure procurement and onboarding processes.
Security Awareness & Education: Lead initiatives to increase cyber awareness and influence positive behaviours across teams.
Reporting & Insights: Develop, track, and deliver regular cyber metrics and updates from across IT systems and 3rd parties.
Application Testing & Support: End-to-end application testing to identify improvements and check quality.
Key Responsibilities
Communication – Listen actively, clarify concerns, and handle complex conversations professionally.
Stakeholder Management – Build reliable, trusting relationships with external vendors and team members.
Process Improvement – Identify and implement opportunities to enhance the IT experience with the aim of optimising operational effectiveness and efficiencies.
System improvement – Develop requirements for future system upgrades/enhancements as required.
Projects – Involvement and support in key IT and/or operational projects as required.
Delivery focus – Strive to exceed all metrics and KPIs while providing excellent, consistent customer service.
Continuous Improvement – Identify gaps and implement improvements across tools, processes, and security posture.
Culture Champion – Like all NobleOak roles, this role must be a strong ambassador and champion of the NobleOak high-performance culture and brand values. Always displaying positivity, energy and integrity, taking responsibility for actions and building on a positive and engaging diverse team dynamic.
Desired Skills and Experience
Capabilities
Hands-on technical knowledge across cloud network security, application and API (Web) security, endpoint protection, and threat detection.
Proven experience in cyber security within cloud-based environments, ideally with experience in NIST, Essential Eight, and ISO 27001 compliance.
Relevant certifications (e.g., CompTIA Security+, CISSP, CISM, or SANS) are desirable but not essential.
Strong knowledge of security tools (e.g., SIEM, EDR, vulnerability scanning) and penetration testing.
Ability to assess risks to information assets and recommend effective mitigation strategies.
Assist with implementing and configuring new systems, applications, and network devices meeting security standards.
A proactive and collaborative mindset with strong problem-solving skills.
Experience & Qualifications
3–5 years of experience in a cyber security or IT security role, ideally within financial services or insurance.
Experience with security tools (e.g., SIEM, EDR, vulnerability management platforms, pentest).
Track record of responding to incidents and supporting audits or internal reviews.
Familiarity with security control frameworks and regulatory requirements (e.g., ISO 27001, NIST, SOC 2).