Security Engineer

Company Description

Whether you’re working from home or on your way to the office, chances are you’re probably reading this because you’re seeking a new adventure, or you’re up for a new challenge. GROW Inc might just be that for you! 

So, who is GROW Inc? 
Founded in 2016, we’re the Australian FinTech success story you probably haven’t heard about. We’re solving big problems in the Superannuation and Managed Funds industry. The administration platforms (the software that tracks everything to do with your super) are built on things you or your parents would recognise from the glory days of 90’s computing.

How are we doing it?
We’re solving this by disrupting the wealth management industry with DLTA, our platform built on Distributed Ledger Technology which improves the financial wellbeing of Australians. We’re making Super more timely and information more accessible whilst enabling wealth management companies to offer more cost effective solutions.

We’re rebels with a cause. We’re authentic, diverse, and embrace our differences as we continue to put a dent in the universe. We know diversity of thought helps us to build better solutions for our customers which is why we encourage the entire GROW team to bring their whole selves to work each and every day.

Job Description

The Security Engineer plays a crucial role in designing, implementing, and maintaining robust security measures to protect our infrastructure and products at GROW.

The Security Engineer is responsible for developing and implementing security strategies, protocols, and technologies to safeguard GROW against potential threats and vulnerabilities. Collaborating closely with cross-functional teams, including software engineers, network administrators, and system architects, to integrate security measures into GROW’s products and systems.

Key Responsibilities

• Contribute to security strategies, policies, and procedures to protect GROW's infrastructure, networks, and data.

• Conduct regular security assessments, vulnerability scans, and penetration testing to identify and mitigate potential risks and vulnerabilities.

• Implement security solutions, including firewalls, intrusion detection/prevention systems, data encryption, and access control mechanisms.

• Monitor and analyze security logs and events to detect and respond to security incidents in a timely manner.

• Collaborate with software engineering teams to integrate security best practices into the software development life cycle.

• Stay up-to-date with the latest security trends, vulnerabilities, and industry best practices to proactively address emerging threats.

• Conduct security awareness training and educational programs for GROWgetters to promote a security-conscious culture within GROW.

• Participate in incident response activities, including investigations, root cause analysis, and remediation planning.

• Collaborate with external stakeholders, such as auditors, vendors, and clients, to ensure compliance with relevant security standards and regulations.

Qualifications

• Tertiary qualifications or equivalent industry experience in Information Security.

• Proven experience in a security role, preferably in a fast-paced and technology-driven environment.

• Deep understanding of network security principles, protocols, and technologies, including SIEM, Firewalls, VPNs, IDS/IPS, and encryption.

• Knowledge of security best practices and industry standards (e.g., OWASP, ISO 27001, NIST).

• Hands-on experience with vulnerability assessment tools, penetration testing methodologies, and security incident response.

• Strong Programming/scripting skills (e.g., Python, Golang, Bash, Terraform) to automate security tasks and analyze security data.

• Familiarity with cloud security concepts and technologies for at least one cloud provider (e.g., AWS, Azure, GCP).

• Strong analytical and problem-solving skills with the ability to identify and mitigate security risks effectively.

• Good interpersonal and communication skills, with the ability to collaborate with diverse teams and present complex security concepts to non-technical stakeholders.

• Good stakeholder management, and the ability to juggle multiple priorities.

Highly Desirable
 

• Information Security certifications (OSCP, CREST, etc.)

• Experience presenting to senior leadership, clients.

Additional Information

Why you’ll love working at GROW

• Birthday Leave - Take an extra day off per year on your birthday!
• Hybrid Work Arrangement - We have a true hybrid arrangement!
• Exciting Discounts - Think movie tickets, gift cards & even electronics

Looking for a job can be stressful and we don’t want you agonising over the wording of your cover letter, so don’t include one. Just make sure your CV is well-written and detailed enough so we can get a better idea of the type of person you are. Even if you don’t meet every single requirement, but you feel inspired to join our mission, we encourage you to send in your application. You never know, you could be the perfect person to join our team!

We are a 2024 Circle Back Initiative Employer – we commit to respond to every applicant