Cyber Security Infrastructure Engineer

Company Description

Nine is Australia’s largest locally owned media company – the home of Australia’s most trusted and loved brands spanning News, Sport, Lifestyle, and Entertainment. We pride ourselves on creating the best content, accessed by consumers when and how they want – across Publishing, Broadcasting and Digital.

Nine’s assets include the 9Network, major mastheads such as The Sydney Morning Herald, The Age and The Australian Financial Review, radio stations 2GB, 3AW, 4BC and 6PR, digital properties such as nine.com.au, 9Now, 9Honey, Pedestrian.TV, Drive, subscription video platform Stan and a majority investment in Domain Group.

Our Purpose: We shape culture by sparking conversations, challenging perspectives, and entertaining our communities.

We bring people together by celebrating the big occasions and connecting the everyday moments. Australia belongs here. We bring our purpose to life via three shared values: We walk the talk, turn over every stone and keep it human.

Job Description

The Nine Cyber Security team is looking for a strong network focused cyber security engineer. This role plays a crucial role in safeguarding Nine’s critical systems and data by overseeing key controls that protect Nine’s data and content.

The Cyber Security Infrastructure Engineer will be delivering new capabilities such as network detection and response - including tuning detections and working closely with the SOC to deploy use cases to manage and treat the risks that Nine face.  Other facets of the role will include auditing and improving cloud based web application firewalls and other cyber security capabilities related to large scale, high bandwidth networks.

The role will also work closely with the networking team, auditing and reviewing and improving firewall controls across the group. Class leading visualisation and audit tools such as Algosec are currently being deployed - experience here a plus!

This role will also gain exposure to security in AWS and GCP, working closely with Cloud Security engineers and other members of the Cyber team.

This role will also assist the cybersec team in performing other key security functions such as vulnerability management and other cyber security engineering tasks involving product evaluation and implementation, risk management and security incident response.

Key accountabilities:

• Implement, configure, and maintain NDR solutions to securely manage, detect and respond to network events

• Appropriately manage risk by balancing business needs with network security policies and other controls

• Monitor and audit risky network activities, ensuring compliance with policies and promptly addressing any anomalies or security incidents.

• Conduct regular reviews of firewall / application / network security policies

• Prioritise network vulnerabilities based on risk and potential impact, working with relevant teams for resolution.

• Collaborate with IT and security teams to facilitate the timely remediation of identified vulnerabilities.

• Track and report on the progress of vulnerability remediation efforts to senior management.

• Stay informed about emerging threats and vulnerabilities by monitoring security advisories, research reports, and threat intelligence sources.

• Translate threat intelligence into actionable insights for managing risk

• Report on the effectiveness of network security policies and controls

Qualifications

• Bachelor's degree in cybersecurity, information technology, or a related field. Relevant certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) or equivalent.

• Proven experience in network security software or related cybersecurity software.

• Excellent communication and interpersonal skills.

• Analytical mindset with the ability to assess and address security risks.

• Proven experience in vulnerability management, penetration testing, or related cybersecurity roles.

• Strong understanding of vulnerability scanning tools, risk assessment methodologies, and best practices.

• Knowledge of common vulnerabilities and exposure (CVE) databases and industry standards like Common Vulnerability Scoring System (CVSS).

• Excellent communication and collaboration skills.

• Analytical mindset with the ability to prioritise and address security vulnerabilities effectively.

Additional Information

Our Commitment to Diversity and Inclusion:

At Nine, we are committed to fostering a workforce that embraces all aspects of diversity and inclusion and where practices are equitable to ensure our people experience a sense of belonging. From day one, you'll be encouraged to bring your whole self to work and will be supported to perform at your best. Should you require any adjustments to the recruitment process in order to equitably participate, we encourage you to advise us at the time of application.

We encourage applications from Aboriginal and Torres Strait Islander people, people with disabilities, and of all ages, nationalities, backgrounds and cultures.

Disclaimer: We do not accept unsolicited agency resumes and are not responsible for any fees related to unsolicited resumes.