About the Consultancy
Join a leading international consultancy delivering enterprise‑scale cloud security, DevSecOps, and platform transformation programs across government and highly regulated industries globally. Our teams work at the forefront of cloud security operations, helping organisations uplift their security posture while enabling secure, scalable cloud adoption.
About the End Client
The end client is a large organisation operating within a regulated, government‑aligned environment, with significant Azure and AWS cloud estates. This role supports the ongoing operation, optimisation, and uplift of cloud security controls to ensure compliance with Australian Government security frameworks and organisational standards.
About the Role
An exciting opportunity exists for an experienced Cloud Security Engineer to maintain and enhance the security posture of Azure and AWS environments on a day‑to‑day basis.
You will focus on operating and optimising Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) capabilities, implementing policy‑as‑code, assessing compliance against ISM and PSPF, and delivering clear, actionable security uplift recommendations.
This role works closely with platform, DevOps, and security teams to ensure cloud services are securely configured, continuously monitored, and aligned with regulatory and organisational security requirements.
Start: Mid‑June 2026
Locations: Sydney, Melbourne, Canberra, Brisbane, Adelaide
Key Responsibilities
- Operate and optimise CSPM and CWPP solutions across Azure and AWS environments.
- Assess cloud environments against ISM and PSPF controls, identify gaps, and drive remediation activities.
- Develop and maintain policy‑as‑code using tools such as Azure Policy, AWS Config, Terraform, or similar frameworks.
- Build and maintain cloud security dashboards providing visibility into posture, compliance, and risk trends.
- Collaborate with cloud engineers and DevOps teams to embed security controls into CI/CD pipelines.
- Monitor cloud environments for misconfigurations, policy violations, and security risks, ensuring timely remediation.
- Support security assurance activities including audits, compliance reporting, and continuous improvement initiatives.
- Contribute to cloud security architecture reviews and provide SME input across Azure and AWS security services.
- Strong hands‑on experience with Azure and AWS cloud security services.
- Demonstrated expertise in CSPM and CWPP platforms and cloud‑native security tooling.
- Experience implementing policy‑as‑code and infrastructure‑as‑code security controls.
- Solid understanding of Australian Government security frameworks, particularly ISM and PSPF.
- Ability to translate technical security findings into clear, actionable remediation recommendations.
- Strong communication and stakeholder engagement skills.
- Australian Citizenship required.
- Must hold an active AGSVA Baseline Clearance.
- NV1 Clearance preferred or eligibility to obtain.
- Cloud security certifications such as:
- Microsoft Azure Security Engineer (AZ‑500)
- AWS Certified Security – Specialty
- Experience working in regulated or government environments.
- Familiarity with DevSecOps practices and CI/CD security integration.
- Additional certifications such as CISSP or CCSP are advantageous.
- Opportunity to work on enterprise‑scale Azure and AWS cloud security environments.
- This is a 12-Month initial contract with likely extensions
- Strong focus on CSPM, CWPP, and policy‑as‑code maturity.
- International consultancy environment with deep cloud security capability.
- Multi‑location flexibility across major Australian cities.
- Long‑term cloud security uplift initiatives with strong regulatory alignment.
Please upload your CV to apply. Suitable candidates will be contacted with next steps and may be required to complete additional selection criteria.
For further information, contact:
📞 Farbar Siddiq – 0489 922 211
📧 farbars@whizdom.com.au
Candidates must be willing to undergo pre‑employment and security screening as required.
