Senior Cyber Security Engineer
Hatch
Other Engineering
Australia
Posted on Apr 25, 2026
This is a Senior Cyber Security Engineer role with Australian Payments Plus based in AU
== Australian Payments Plus ==
Role Seniority - mid level, senior
More about the Senior Cyber Security Engineer role at Australian Payments Plus
The Game Changers
Australian Payments Plus (AP+) is here to shape the future of payments for Australia. We aim to deliver more innovation to Australia’s payments ecosystem, for the collective benefit of Australian businesses, government and consumers.
Our solutions include Australia’s domestic debit network, real-time, data rich payments infrastructure, secure bill payments, digital identity verification, QR payments and experiences and open wallet solutions. It’s a new chapter with more possibilities.
The Purpose
The purpose of this role is to lead the design, build and operation of enterprise security controls and platforms that protect AP+ payments services across cloud and on-prem. Act as the technical escalation point, set platform roadmaps, mentor engineers, and drive measurable risk reduction through secure-by-design engineering, automation, and high-quality detection and response.
Key Outcomes The Role Owns
At AP+, we believe in the power of passion, pride, and purpose.- Our team is driven by a shared mission to make a difference in the world of payments, and we're proud to work together towards this common goal.
If you’re ready to be a game changer, please submit your application. The Talent Acquisition team will endeavour to review your application and notify you of the outcome within the next two weeks.
We want to remove all barriers to inclusion so if you need advice or support with your application, we’re here to help. Please reach out to recruitment@auspayplus.com.au. We also encourage you to let us know your pronouns at any point during the recruitment process.
AP+ are not partnering with Recruitment agencies for this role.
Before we jump into the responsibilities of the role. No matter what you come in knowing, you’ll be learning new things all the time and the Australian Payments Plus team will be there to support your growth.
🟢 Please consider applying even if you don't meet 100% of what’s outlined 🟢
Key Responsibilities
A Final Note: This is a role with Australian Payments Plus not with Hatch.
== Australian Payments Plus ==
Role Seniority - mid level, senior
More about the Senior Cyber Security Engineer role at Australian Payments Plus
The Game Changers
Australian Payments Plus (AP+) is here to shape the future of payments for Australia. We aim to deliver more innovation to Australia’s payments ecosystem, for the collective benefit of Australian businesses, government and consumers.
Our solutions include Australia’s domestic debit network, real-time, data rich payments infrastructure, secure bill payments, digital identity verification, QR payments and experiences and open wallet solutions. It’s a new chapter with more possibilities.
The Purpose
The purpose of this role is to lead the design, build and operation of enterprise security controls and platforms that protect AP+ payments services across cloud and on-prem. Act as the technical escalation point, set platform roadmaps, mentor engineers, and drive measurable risk reduction through secure-by-design engineering, automation, and high-quality detection and response.
Key Outcomes The Role Owns
- Lead security architecture & engineering; define reference patterns and guardrails across cloud, network, endpoints and applications.
- Own platform roadmaps & lifecycle for EDR/XDR, SIEM/SOAR, vulnerability management, secrets/PKI/KMS, PAM/IAM, SASE, manage vendors/MSSPs.
- Set detection engineering roadmap; build high-fidelity use cases and SOAR playbooks; track precision/recall and dwell-time.
- Support major incident response; coordinate cross-team actions, drive RCA and hardening.
- Drive exposure & vulnerability management; risk-based prioritisation, SLA enforcement, and exception governance.
- Champion DevSecOps; secure CI/CD and IaC; harden containers/Kubernetes.
- Strengthen identity & access security; define PAM/JIT/JEA standards; automate joiner/mover/leaver.
- Assure compliance; map/evidence controls to ISO 27001, ASD Essential Eight, PCI DSS, APRA CPS 234; audit readiness.
- Provide security design reviews; sign-off on high-risk designs and advise senior stakeholders.
- Scale via automation and mentorship; deliver reusable modules/policies (Terraform, Python/PowerShell) and uplift engineers.
- Degree in Computer Science/Information Security or equivalent experience.
- Certifications valued: CISSP/CCSP/SSCP, SANS (e.g., GCIA/GCIH/GCFA), OSCP, AWS/Azure Security.
- 5–7+ years security engineering in financial/critical infrastructure or enterprise environments.
- Led design/operation of security platforms at scale (EDR/XDR, SIEM/SOAR, vulnerability management, PAM, PKI/KMS, secrets).
- Built detections/playbooks; led major incidents and post-incident hardening.
- Deep cloud security (AWS/Azure), containers/K8s, encryption, logging/telemetry.
- DevSecOps & IaC leadership (CI/CD, Terraform), SAST/DAST/SCA, policy-as-code; automation with Python/PowerShell/Bash & Git.
- Strong stakeholder influence, vendor/MSSP management, and mentoring
- Frameworks: ISO 27001/2, ASD Essential Eight, NIST CSF/800-53, PCI DSS, APRA CPS 234.
- Identity security (Entra ID/SSO/OIDC/SAML, MFA, conditional access, RBAC/ABAC/JIT/JEA) and crypto fundamentals.
- MITRE ATT&CK, detection engineering, logging normalisation; risk-based vuln/patch mgmt.
- Secure SDLC and threat modelling for distributed, cloud-native systems.
At AP+, we believe in the power of passion, pride, and purpose.- Our team is driven by a shared mission to make a difference in the world of payments, and we're proud to work together towards this common goal.
If you’re ready to be a game changer, please submit your application. The Talent Acquisition team will endeavour to review your application and notify you of the outcome within the next two weeks.
We want to remove all barriers to inclusion so if you need advice or support with your application, we’re here to help. Please reach out to recruitment@auspayplus.com.au. We also encourage you to let us know your pronouns at any point during the recruitment process.
AP+ are not partnering with Recruitment agencies for this role.
Before we jump into the responsibilities of the role. No matter what you come in knowing, you’ll be learning new things all the time and the Australian Payments Plus team will be there to support your growth.
🟢 Please consider applying even if you don't meet 100% of what’s outlined 🟢
Key Responsibilities
- 🔍 Leading security architecture & engineering
- 📈 Owning platform roadmaps
- ⚠️ Driving exposure & vulnerability management
- 🔒 Security architecture & engineering
- 🛠️ Detection engineering
- 🚀 DevSecOps & IaC leadership
- ☁️ Cloud security expertise
- 🔑 Identity security
- 📜 Compliance frameworks
A Final Note: This is a role with Australian Payments Plus not with Hatch.