Security Engineer
Beonic
The Beonic Cyber Security function offers security advisory, design and architecture, enabled by a team of security experts positioned to have a deep understanding of Beonic’s products and growth initiatives. The practice provides in-house security advisory with the technical expertise required to enable security by design in products, operations, client engagements and system development.
We are seeking a versatile Security Engineer who can operate across security operations and GRC, supporting both hands-on technical security and policy, risk, and compliance activities. This role is ideal for someone who:
- Enjoys working across domains, not in a silo
- Is comfortable balancing technical depth with governance responsibilities
- Thrives in a small team, where ownership and adaptability matter
You will help maintain and improve our ISO 27001 posture, support incident response, advise engineering and business teams, and ensure security controls are practical and effective. The role is responsible for pitching security advice at a technical level, directly to key stakeholders. The role may also provide support with client-facing engagements, security reviews, and compliance initiatives.
Responsibilities (include but are not limited to):
- Participate in and support security incident response, acting as a key operational contact
- Monitor, triage, and respond to security alerts from cloud, endpoint, and SaaS platforms
- Support vulnerability management, security tooling configuration, and security hygiene
- Assist with secure configuration and hardening of cloud, systems, and applications
- Support DevSecOps practices and CI/CD security controls (where applicable)
- Maintain and continuously improve the ISO 27001 ISMS
- Support risk assessments, risk treatment plans, and control effectiveness reviews
- Own and maintain security policies, standards, procedures, and evidence
- Support internal and external audits, including evidence collection and remediation tracking
- Assist with third-party risk assessments and customer security questionnaires
- Help translate technical controls into clear compliance and assurance language
- Provide pragmatic security guidance to engineering, product, and business teams
- Help embed security by design into projects and operational changes
- Act as a bridge between technical teams and compliance requirements
- Champion security awareness and good practices across the organisation
Knowledge and Experience
- 3–5 years’ experience in a security analyst, security engineer, or similar role
- Hands-on experience supporting security operations and/or incident response
- Working knowledge of ISO 27001, NIST, or similar security frameworks
- Experience in cloud environments (AWS, Azure, or similar)
- Strong understanding of core security concepts:
○ Identity & access management
○ Network and endpoint security
○ Application and data security
- Ability to document controls, risks, and processes clearly
- Comfortable working across technical and non-technical stakeholders
- Experience supporting audits or maintaining an ISMS
- Exposure to DevOps / CI/CD environments and security tooling
- Familiarity with:
○ EDR, WAF, IDS/IPS, firewalls
○ SaaS security and access controls
○ Vulnerability scanning and remediation processes
- Understanding of privacy and data protection (e.g. GDPR)
- Good judgement to scope, plan and manage the security support required by projects, juggling the demand from different business areas.
- Natural inclination to communicate complex technical concepts in simple diagrams, blueprints and solution definitions.
- Experience with Linux and Windows operating systems
- Experience with a variety of security products including firewalls, EDR, IDS/IPS, WAF
- Good understanding of Active Directory, Windows, Linux, Routing, Wireless, Firewall Technologies and email
- Can demonstrate experience with security frameworks and best practices – OWASP, NIST, ISO 27001
- Deep understanding of application security protocols, cryptography, authentication, authorization (RBAC), Enterprise Application Integration (EAI)
- Deep understanding of privacy enhancement techniques and GDPR compliance
Qualifications:
- Bachelor's Degree - ideally in Computer Engineering, Computer Science or equivalent work experience in cybersecurity.
- Relevant certifications such as CISSP, CRISC, CISM, or SABSA are a plus
Attributes:
- Is enthusiastic about Beonic and our products and services
- Excited to work with a variety of technologies
- An enthusiasm for staying up to date with the very latest updates about security threats and solutions
- Outstanding communication skills that go beyond “tech talk” – the ability to translate complex security matters to non-technical audiences
- Ability to articulate technical information to those less informed, both in writing and verbally
- Proven ability to work in a fast-paced, dynamic and collaborative environment
Diversity and Inclusion
Beonic values the diversity of the people it hires and serves. We want to bring out the best in our global team members by creating a sense of belonging, being a place where they can grow, and ensuring everyone feels valued, heard, and supported.
Perks and Benefits
- Great co-working space to collaborate with colleagues in Surry Hills
- Day off on your Birthday each year
- Growth and Development working with a diverse and exciting ASX Listed company