At ASIC, you can be the change that ensures a fair, strong and efficient financial system for the benefit of all Australians. Contribute to delivering on ASIC's purpose, vision, and strategic priorities to help maintain the integrity of the financial system and protect consumers from harm. * Sydney based (Other locations considered) * From $123,444 - $131,725 (depending on experience) 15.4% superannuation * Permanent position * Applications close: 4 June 2025. The team The People, Transformation & Technology Group drives transformational change at ASIC through investments in people, processes, and technology. It integrates digital, data, and technology teams, supported by the enterprise program office, while maintaining core technology environments. The group includes Registry Interactions Services, Modernising Business Registers, and the Information Technology team, which leads ASIC's transformation agenda and technology platforms. The role The DevSecOps Engineer ensures security and operations across on-premise, AWS, and Azure environments. Responsibilities include: * Design, build, and maintain secure CI/CD pipelines integrating SAST, DAST, SCA, IaC scanning, and container security tools. * Automate security control testing, enforcement, and remediation in CI/CD workflows. * Champion the implementation of shift-left security practices within development and infrastructure teams. * Harden cloud environments in AWS and Azure, including IAM, networking, encryption, logging, and monitoring configurations. * Extend DevSecOps tooling and automation across on-prem Windows and Linux environments, integrating with hybrid identity and access management models. * Collaborate on secure design patterns for hybrid deployments and cloud-native architectures. * Secure and audit IaC repositories using tools such as Terraform and CloudFormation, ensuring compliance with defined policies. * Implement policy-as-code frameworks to enforce security guardrails. * Integrate and tune security monitoring and alerting systems across environments. * Participate in incident response investigations and assist in root cause analysis and remediation efforts. * Support internal and external audit and compliance initiatives. * Contribute to development of secure coding standards, playbooks, runbooks, and infrastructure hardening guides. About you Your application will be reviewed based on ability to demonstrate strong skills in the following areas: * Bachelor's degree in computer science, Information Technology, or a related field. * 5 years in DevSecOps, cloud security engineering, or secure infrastructure automation roles. * Strong hands-on experience with AWS and Azure security services and identity management (IAM, KMS, VPCs, Defender for Cloud, etc.). * Proficiency with DevOps toolchains (Git, CI/CD, Docker, Kubernetes, Helm, GitOps). * Practical experience with Infrastructure-as-Code (Terraform and CloudFormation). * Strong scripting skills (Python, Bash, PowerShell). * Familiarity with application and container security tooling. * AWS or Azure certification is a plus. View the position description for more information or click ‘apply' to start your application. Applications close at 11:59pm AEST, 4 June 2025 About ASIC ASIC's remit is one of the broadest of regulators across the world. ASIC regulates corporations, markets, financial services and consumer credit and monitors and promotes market integrity and consumer protection in the Australian financial system. Through our enforcement work, we hold to account those who contravene the law, working to achieve strong outcomes that address the greatest consumer and investor harms. ASIC is committed to a providing a diverse and inclusive workplace where the very best talent in Australia chooses to work. Indigenous Australians are encouraged to apply as well as applicants from all backgrounds and with different abilities. We offer a range of employee benefits including: * Attractive superannuation * Additional leave entitlements * 50/50 hybrid work-from home model * Flexible work arrangements * Assistance for study and professional development Click here to view ASIC's salary and benefits guide. To read more about ASIC, you can visit our website or review our Corporate Plan. To work with us, you need to be an Australian citizen and be prepared to complete an ASIC Suitability and Baseline Assessment.