H

Senior Security Engineer

HammondCare
Full-time
On-site
Nova Scotia, Canada

About us  


HammondCare is a not-for-profit, values-based organisation that is passionate about improving the quality of care for people in need. As one of Australia’s most innovative health and aged care providers, we aim to set the global standard of relationship-based care for people with complex needs. HammondCare provides care primarily through hospitals, residential care homes and home-based care as well as services for dementia support, community palliative care, rehabilitation, positive aging and older persons’ mental health.  


About the role  


As a Senior Security Engineer, you will play a critical role in safeguarding HammondCare’s information systems and infrastructure. You will be responsible for identifying vulnerabilities, responding to incidents, and implementing security measures to ensure compliance with industry standards.


This is permanent full-time position based at St Leonards with hybrid opportunities available.


What we can offer you


We care about your wellbeing at HammondCare and as a result offer a wide range of health and lifestyle benefits including: 



  • NFP salary packaging ($15,900 tax free) plus meals and entertainment benefit (up to $2,650 tax free)

  • Additional leave purchase options and 14 weeks paid parental leave

  • Flexible working options, including hybrid arrangements

  • Discounts on everyday products and services

  • Discounted healthcare memberships - access to network of fitness centres and pools for employees and families

  • Free access to independent counselling support for employees and families

  • Health & Wellbeing programmes

  • Reward & Recognition programmes

  • Referral bonuses

  • Career and professional development opportunities


Key Responsibilities include



  • Monitor and analyse security alerts and incidents, providing timely responses, remediation and root cause analysis

  • Conduct vulnerability assessments, penetration testing, and security audits to identify and mitigate risks

  • Contribute to the design and implementation of secure IT architectures, including the selection and deployment of appropriate security technologies and controls.  Ensure that security is embedded in the software development lifecycle (SDLC) and other business processes

  • Develop and implement security policies, procedures, and best practices to enhance the organisation's security posture

  • Collaborate with cross-functional teams to design and implement security controls across systems and applications

  • Stay up-to-date with the latest security threats, trends, and technologies, and recommend improvements

  • Conduct security training and awareness programs for staff to promote a culture of security

  • Respond to security incidents, perform forensic analysis, and develop post-incident reports

  • Assist in compliance audits and ensure adherence to relevant regulations

  • Provide technical leadership and mentorship to junior team members. Work closely with cross-functional teams (e.g., IT, Network, Marketing, Legal) to ensure security best practices are applied in day-to-day operations and initiatives

  • Leading BAU projects and contributing to other relevant projects and technology initiatives

  • Maintaining an effective testing environment and test changes to production servers in a controlled environment

  • Develop policies procedures and other documentation required to support the Microsoft Server environment

  • Coordinating with Operations team to manage the support of the servers and associated infrastructure, ensuring the ongoing availability and reliability of systems is maintained

  • Availability as an escalation point via managed on-call roster.


About You 


Essential



  • Commitment to engage and align with HammondCare’s Christian Mission, Motivation and Mission in Action

  • Proficient in security technologies and tools, including SIEM, EDR, IDS/IPS, firewalls, VPNs, and DLP, with hands-on experience in penetration testing, vulnerability management, and third-party risk management

  • Strong understanding of security frameworks, compliance standards, such as NIST, ISO 27001, and ASD E8, and experienced in implementing risk management methodologies

  • Extensive experience with Microsoft technologies, including Active Directory, Azure, and M365 security tools, with expertise in securing cloud workflows and managing Azure security controls for ongoing monitoring and evaluation of security posture

  • Skilled in implementing and managing access controls, permissions, and security policies to ensure compliance and mitigate risks

  • Strong analytical and problem-solving abilities, with a proactive approach to identifying and mitigating vulnerabilities, thinking like an attacker, and implementing effective countermeasures

  • Excellent communication and interpersonal skills, able to translate complex security concepts for non-technical stakeholders and collaborate effectively across teams

  • Proven self-starter with strong organisational skills, capable of working independently, driving project timelines, and escalating issues as necessary to ensure objectives are met

  • Hands-on experience with security tool implementation, configuration, and maintenance, as well as writing policies, procedures, and other supporting documentation

  • Effective project management skills, including prioritizing tasks, managing multiple deadlines, and negotiating solutions with key stakeholder

  • Strong customer service focus, with a proactive, service-oriented work ethic and the ability to thrive under pressure


Education



  • Bachelor’s degree in Computer Science, Information Security, or a related field; Master’s degree preferred

  • ITIL v4 Foundation Certified

  • Over 5 years of experience in information security, as a security engineer, analysist, incident responder or security lead

  • In-depth knowledge of security principles, threat intelligence, attack methodologies, and defense strategies


Desirable:



  • Experience with scripting languages (e.g., Python, PowerShell) for automation, reporting, and threat analysis

  • Familiarity with SOAR automation workflows and playbooks

  • Relevant security certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are highly desirable


 


To Apply 


If you are ready to make a difference with HammondCare, Apply Now! 


Pre- Employment Checks  


All short-listed applicants will be asked to consent to a criminal record check and references. 


 


HammondCare is committed to creating an inclusive workplace that promotes and values diversity and inclusion. We strive on creating an equal employment environment where everyone from any background can be themselves.