Federal Government Security Vulnerability Analyst
About the Role
The Cybersecurity Specialist – Vulnerability Management is responsible for providing industry-leading vulnerability management services to Optus Enterprise and Business customers as part of a customized security managed service solution.
* Operational ownership of vulnerability identification, assessment, patching, and risk prioritisation.
* Coordinating remediation activities.
* Reporting and communication.
* Compliance and policy enforcement.
* Contributing to the development of vulnerability management standards and policies.
In addition to managing vulnerability services above, the Cybersecurity Specialist will lead or participate in projects related to assist in incident response events and exercises, threat management, penetration testing, and conduct user training to improve cybersecurity awareness.
They will ensure that risk, compliance and validation activities are accurately documented and communicated to various business partners.
This role requires regular meetings with internal and external partners, strong written and oral communication skills, and the ability to influence and engage effectively.
The day-to-day responsibilities include:
* Managing daily operations of Tenable (Nessus) and other vulnerability management tools, ensuring adequate scans and assessments across Optus and its customers as per contracts.
* Collaborating with technology owners to ensure timely patching and remediation of vulnerabilities and issues.
* Conducting large-scale vulnerability scanning, and participating in automated and manual penetration testing exercises, developing remediation plans with system owners and tracking progress.
* Developing and maintaining a reporting framework for communicating key vulnerability and risk data through dashboards, spreadsheets, and customer-specific formats.
* Participating in security incident response, red team exercises, and process reviews to improve security practices.
Requirements
* Extensive hands-on experience in cybersecurity operations, with a background in IT infrastructure, cloud, or applications, and preferred certifications in Vulnerability Management or other cybersecurity disciplines.
* Demonstrable experience with vulnerability assessment tools such as Tenable Nessus (preferred), or Qualys, familiarity with Service NOW, conducting detailed vulnerability assessments, risk prioritisation, vulnerability remediation, reporting and penetration testing.
* Solid grasp of networking technologies, cloud, servers and applications, good understanding of the OSI model and IP networking, and the ability to explain security issues to both technical and non-technical audiences.
* Extensive expertise in managing and configuring vulnerability management systems (e.g. Nessus, Qualys), exposure to risk management frameworks (e.g. ISO31010, NIST Risk Management Framework), with a deep understanding of security issues across Cisco, Windows and Linux systems.
* Experience in implementing security audits, assessments, and processes, exposure to SIEM solutions (e.g. SPLUNK, Arc Sight) and developing security strategies and mitigation plans.
* Outstanding problem-solving, communication, and troubleshooting skills, with a demonstrable ability to prioritise urgent work tasks, meet deadlines under pressure, and collaborate effectively with multi-functional teams.
What's in it for you?
* Flexible working arrangements: 3 days in the office, 2 days remote – with flexible hours to suit.
* Inclusive paid parental leave, up to 14 weeks for the primary care giver.
* All Optus employees have access to resources, webinars and support via the 'Parents at Work portal'.
* Own your own growth by accessing an extensive online and facilitator led learning catalogue – even earn a MBA micro-credential via Optus U (University).
* Connect at work through one of our employee-led volunteer groups: Culture Connect, Elevate Women, Disability Network, Express Yourself (LGBTQIA+), United Veterans and Yarn Network.