Principal Security Engineer

We're reimagining the way Australians live, work, and play. We own and manage some of the most recognisable and loved retail destinations across Australia.

 
We’re evolving our portfolio into destinations that offer a broad selection of retail, residential, and office spaces. Through our diverse portfolio, data-led decision-making, and nationwide development pipeline, we do things differently.

We are Vicinity.

Role purpose

The key purpose of the Principal Security Engineer role is to lead the design, implementation, and management of advanced security solutions to protect organisational systems and data. This role provides both people and technical leadership to the security engineering team, ensuring the development, implementation, and maintenance of robust security solutions. Responsibilities include identifying and mitigating security risks, conducting risk assessments, overseeing secure system architectures, and responding to security incidents to minimise impact. It involves developing and enforcing security policies, fostering a culture of best practices, security awareness, and continuous improvement, while ensuring compliance with relevant standards and regulations. The Principal Security Engineer collaborates closely with IT and security teams to enhance the organisation's overall cybersecurity posture.

Key Accountabilities

People Leadership 

• All elements of the annual performance cycle are completed by the due date (including goal setting, mid-year reviews, EOY conversations).
• Regular 1:1’s, team meetings and development conversations conducted - minimum monthly cadence.
• Performance issues are managed in an effective and timely manner.
• Quarterly development conversations conducted with all team members.
• 100% of compliance training is completed on time for team.
• All health and safety, risk and compliance requirements are delivered across the team.
• Effective management of budgets as per forecast with demonstrated focus on managing cost.
• Demonstrated commitment to building own capability as a people leader.

Technical Leadership    

• Provide technical leadership and guidance to the security engineering team.
• Oversee the design, implementation, and maintenance of security solutions to protect the organisation's information assets.
• Ensure security solutions are aligned with industry best practices and business objectives.

Security Strategy & Roadmap    

• Ensure security technology roadmap is aligned to overall security and technology strategy supporting business priorities.
• Define appropriate security technologies to maximise cyber defence capabilities.

Solution Delivery & Management    

• Oversee the entire lifecycle of security engineering projects, from initial engagement and requirements gathering through architecture design, development, testing, implementation, and ongoing support.
• Ensure projects are delivered on time, within budget, and meet agreed-upon quality standards.

Collaboration & Support    

• Work closely with other IT and security teams to support security-related activities.
• Provide technical support and troubleshooting assistance for security issues.

Vendor Management    

• Manage relationships with key technology vendors, negotiating contracts and service level agreements (SLAs) to ensure cost-effectiveness and high-quality service delivery.

Documentation & Reporting    

• Oversee the maintenance of accurate and up-to-date documentation of security configurations, processes, and procedures.
• Generate reports on security performance, incidents, and compliance as required.

Innovation & Emerging Technologies    

• Stay abreast of emerging technologies and industry trends, evaluating their potential impact on the business.
• Identify opportunities to leverage new technologies to enhance IT service delivery.

Key Role Relationships

• IT Support
• Security
• Functional Managers
• Managed Service Providers
• External Vendors
• External Consultants

Experience & Capabilities

ESSENTIAL EXPERIENCE (what you have done)    

• Bachelor’s degree in computer science, information technology, or similar.
• Over 10 years of experience in security engineering and management.
• Experience with security technologies and practices, including vulnerability management solutions, incident detection and response solutions, data loss prevention systems, firewalls, intrusion detection/prevention systems, and encryption.
• Strong understanding of security standards, regulations, and best practices.
• Experience in leading and managing a technical team.

CRITICAL KNOWLEDGE (what you need to know)    

• Proficient in security technologies, tools, and practices.
• Knowledge of security standards, regulations, and best practices.
• Understanding of data protection, encryption, and security monitoring techniques.
• Demonstrated agility and effectiveness in implementing change initiatives to optimise productivity and focus.
• Leverage security technology and information to inform effective decision-making and improve security efficacies and performance.
• Proactively seek and implement more efficient and effective work methods, establishing standardised procedures and mitigating potential risks.

CAPABILITIES (what you can do)

• Strong verbal and written communication skills, effectively engaging with internal and external stakeholders.
• Strong analytical and problem-solving skills, with the ability to troubleshoot and resolve security issues.
• Manage vendor relationships, negotiates contracts, and conducts performance reviews to ensure high-quality service delivery.
• Effectively collaborate with IT and security teams to support security-related activities.
• Provide technical support and troubleshooting assistance for security issues.
• Monitor and analyse security performance, identifying and resolving issues to ensure optimal security.
• Implement and maintain security measures to protect information assets.
• Maintain accurate and up-to-date documentation of security configurations, processes, and procedures.

PERSONAL ATTRIBUTES (who you are)    
You consistently demonstrate and role model the behaviours that bring the Vicinity values to life: 

Respect: 

• We listen to and acknowledge each other's views 
• We have difficult conversations with care 

Integrity: 

• We back our words with the right actions
• We do the right thing, no matter the situation

 
Customer Focus: 

• We nurture a genuine connection with our customers 
• We consider customer needs when making decisions 

Collaboration: 

• We invite the right people to the table 
• We balance consensus with decisive actions 

Excellence: 

• We always strive to improve
• We share our challenges and celebrate the wins
   

Why Vicinity?

Our benefits program focuses on creating an awesome place to work in which our people are rewarded and recognised. This includes:

• Flexible working options 
• Birthday leave & purchased additional leave
• $1,000 worth of VCX securities rewarded for eligible team members
• Internal mentoring program
• Generous Parental Leave

We live and work by our values of Respect, Integrity, Customer Focus, Collaboration and Excellence.  They are the foundation to everything we do and provide us a north star with which we can shape meaningful places where communities connect.

At Vicinity we embrace and celebrate diversity and are committed to creating an inclusive work environment where we attract, retain and develop our people regardless of gender identity, ethnicity, sexual orientation, disability and age. Applications are encouraged from all sectors of the community and we strongly encourage applications from the Aboriginal and/or Torres Strait Islander community.

Our people and our Employee Advocacy Groups (Gender Balance, Cultural Diversity, Disability & Access and Pride & Allies) actively build community and provide allyship within Vicinity. If you’d like to speak to someone to understand what it’s like firsthand to work here, please reach out to our Talent Acquisition team.

We are aware of current limitations with our website accessibility and are working towards improving this. Should you experience any issues accessing information in this job advertisement or the application form, and require this in an alternate format, please contact our Talent Acquisition Team. Similarly, if you would like to discuss workplace accessibility, any reasonable adjustments we can make to better support you during the recruitment process, or your potential future role please reach out to our Talent Acquisition team:

Email: talent.acquisition@vicinity.com.au

Phone: +61 3 7001 4000 (request to speak to our Talent Acquisition team)

Note: To be eligible to apply for this position, you must have existing, relevant Australian work rights. At the later stages of the recruitment process the shortlisted candidate/candidates will be required to undergo a Criminal History Background/Police Check as a mandatory part of the process. Additional qualification checks may also be required dependant on role and level.