Cloud SecOps Engineer

APA Group is seeking a Senior Cloud SecOps Engineer for a permanent, full-time hybrid role based in Melbourne, Sydney, Brisbane, or Adelaide. The position involves securing and enhancing the AWS cloud platform through security controls, automation, and DevSecOps processes. Responsibilities include managing security tools, automating monitoring, enforcing cloud security standards, and responding to incidents. Candidates should have extensive experience in AWS security, DevSecOps toolchains, and incident response.
The Opportunity

At APA, our purpose is to secure Australia’s energy future. We’re not doing it alone. We’re doing it with our customers and communities as Australia’s energy infrastructure partner, a role our unique experience and expertise positions us to play.

We now have an exciting opportunity for a Senior Cloud SecOps Engineer to join our Information Technology team on a permanent, full-time basis. This hybrid role can be based in Melbourne, Sydney, Brisbane, or Adelaide.

This SecOps Engineer role is responsible for securing, maintaining and enhancing the AWS cloud platform by implementing security controls, managing security tools and embedding security automation into DevSecOps processes. This role is part of the platform engineering team, which builds and maintains the AWS landing zone and foundational cloud toolchains (e.g. Prisma CNAPP, GitLab, Terraform, Vault, Nexus). While this team provides onboarding, governance and security tooling for workloads, it does not own or manage application workloads directly.

Key Responsibilities
• Lead the configuration, management, and integration of Palo Alto Prisma (CSPM, CWPP, CIEM) to enforce cloud security best practices and enhance overall security posture.
• Automate security monitoring and remediation using Prisma, AWS Security Hub, and GuardDuty, ensuring compliance with CIS AWS Benchmarks, NIST, and ISO 27001.
• Secure and enforce cloud infrastructure security standards by implementing best practices in Terraform and CloudFormation templates, developing pre-deployment security validation, and integrating policy-as-code for automated security controls.
• Support application teams by providing security tools for SAST/SCA vulnerability scanning, integrating pre-deployment security scanning for container images (Prisma), and enforcing least-privilege IAM policies within CI/CD pipelines.
• Investigate and respond to cloud security incidents, identify platform misconfigurations, and address workload protection alerts, leveraging hands-on experience in incident response, threat mitigation, and automation of security playbooks.

Your background
• Handson IT security experience, including focused on AWS cloud security, with hands-on experience managing and operating Prisma CNAPP for CSPM, CWPP, and CIEM.
• Extensive experience in DevSecOps toolchains (GitLab, Terraform, CloudFormation, Nexus) and integrating security tooling (SAST, SCA, container scanning) into CI/CD pipelines to ensure secure application development.
• Strong knowledge of security monitoring, vulnerability management, incident response, and ITIL service management, with experience in SIEM integration (Exabeam), privileged access management (Delinea), and key management (HashiCorp Vault).
• Hands-on experience securing container and orchestration platforms (ECS, EKS, Docker), with a deep understanding of security frameworks and controls specific to containerized workloads.
• Strong expertise in AWS security services (IAM, Security Hub, GuardDuty, KMS, SCPs, VPC security) and proficiency in Terraform and CloudFormation for securing infrastructure and enforcing policy-as-code (Sentinel, OPA, Checkov, Conftest).

About The Team

Technology drives everything we do at APA, from connecting millions of Australians to energy sources to achieving our net zero ambitions. Our technology teams are focused on delivering innovative solutions that position APA as a world leader in energy infrastructure. We're looking for people who are ready to make an impact-those who are courageous, nimble, and willing to take risks.

Working at APA

At APA we’re committed to fostering a safe and inclusive workplace where you can achieve your best. We’ll provide you with access to targeted career development programs, competitive remuneration, employee benefits, flexible working arrangements, and wellbeing programs. We also have an inclusive parental leave policy providing 18 weeks leave including superannuation to support parents at work and in life.

We employ more than 2700 people across Australia and are committed to creating a diverse and inclusive culture, where everyone feels safe, valued, and trusted to do their best every day.

We are APA

APA Group is a leading Australian energy infrastructure business.

We proudly own, operate and manage a diverse $26 billion portfolio of gas, electricity, solar and wind assets which deliver essential services to communities and customers across Australia. And we own more than 15,000 kilometres of gas pipelines which deliver energy to households and businesses across every corner of Australia.

As the partner of choice in delivering infrastructure solutions for the energy transition, we’re focused on bundled remote grid energy solutions, electricity and gas transmission, and future energy, including hydrogen and carbon capture and storage.

Our customer centric approach means we understand our customers and offer them reliable, innovative, and cost-effective energy solutions that support their decarbonisation ambitions.

We are committed to securing Australia’s energy future by delivering infrastructure solutions for Australia’s energy transition and supporting the decarbonisation ambitions of our customers and communities.

Join our team and be part of securing Australia’s energy future. We’d love to hear from you.

APA is an equal opportunity employer. The safety, health and wellbeing our people, community and environment a priority. We embrace diversity in our people to ensure our workforce is representative of the communities that we operate in.

Applicants must be eligible to work in Australia to be considered.

This vacancy works with critical APA data, systems or infrastructure and candidates are subject to background vetting (including Police checks) before & during employment.

Role closes Sunday, 27 April 2025. Role Reference Number JR2067

APA Group will not accept unsolicited resumes from recruitment agencies.

We will contact successful candidates after the closing date.