About Laing O'Rourke

Laing O’Rourke is a $6 billion international operation with 70 years of involvement in Australian construction and infrastructure, including nearly two decades under the Laing O’Rourke banner. The business delivers projects as diverse as the environments in which they are built, from high security military bases and major rail transport infrastructure projects, through to landmark buildings at the transport interface.

Our deliver 2025 mission is to become the recognised leader for innovation and excellence in the construction industry, to achieve this will require exceptional information, technology and data capabilities to enable all parts of the Laing O'Rourke business.

That’s the #powerofexperience.

About the role

We are currently seeking a Cyber Security Engineer for our Corporate IT team with flexible hybrid working arrangement given the global nature of the role. 

Working in a global Cyber Security Team, the Cyber Security Engineer works closely with the Cyber Security Architect to produce detailed designs and implement all cyber security tools globally. The role can be based either in Brisbane/ Sydney/ Perth. 

This role offers great career prospects with a privately-owned tier 1 constructor and international engineering enterprise.

Key responsibilities

• Research, design and implements cyber security solutions that comply with applicable security policies and standards to reduce business risk.
• Work with Laing O'Rourke's business units and with other risk functions to identify security requirements, using methods that may include risk and business impact assessments.
• Collaborate with the Cyber Security Architect on security roadmaps based on sound architecture practices that ensure Laing O’Rourke can maintain and achieve relevant industry security certifications. Act in an advisory role in application development or business/organisational projects to assess security requirements and controls as per policies and risk exposure.
• Keeping abreast of potential and emerging cyber security threats, vulnerabilities, and control techniques and the trade-offs required to manage the different levels of risk appetite and risk exposure across the business.
• Develop and maintain security architecture artifacts (designs, templates, standards, baselines) that can be used to leverage security capabilities in projects and operational teams. Collaborate on IT projects to ensure that security issues are addressed throughout the project life cycle (Secure-by-Design).
• Researches and assesses new threats and security alerts and recommends remedial actions. Play an active part in responding to and resolving critical security incidents (Prepare, Identify, Contain, Remediate, Recover) – Cyber Operations team handle day-to-day
• Work with key suppliers, partners and vendors to drive maximum value and security benefit from security services and solutions. Review security technologies, tools and trends to make recommendations to the security team / leadership for use based on security, financial and operational metrics.

About you

• Strong demonstrated experience with Windows Infrastructure
• Experience with common information security regulations, certifications and management frameworks, such as, Essential 8, NIST CSF and ISO 27001
• Excellent technical knowledge of mainstream operating systems and security technologies (firewalls, honeypots, web application firewalls, SIEM, EDR, Vulnerability scanners, content filtering, etc.)
• Knowledge of common vulnerabilities and exploitation techniques and methods available for application and system technology security testing.
• Knowledge and understanding of information risk concepts and principles as a means of relating business and project needs to security controls
• Has the ability to interface with, and gain the respect of, stakeholders at all levels and roles in the business
• Excellent written and verbal communications skills with the ability to communicate security and risk-related concepts to technical and non-technical audiences.
• Strong demonstrated knowledge of cyber security technologies, enterprise systems, cloud solutions and generally accepted cyber security principles and accepted industry practices.

Benefits

We work hard to create an environment that brings out the best in our people. We believe in building careers through providing a safe, connected and innovative culture that supports ongoing growth and development. We offer industry-leading benefits such as specialised learning and development programs, a mental health and wellbeing program, industry leading paid parental leave policy, an additional purchased leave option and coaching programs for staff on parental leave.

Diversity & Inclusion

We are committed to building a workforce that reflects the diverse society in which we live and work. Laing O’Rourke is proud to hold the Workplace Gender Equality Agency (WGEA) Citation - Employer of Choice for Gender Equality.

Laing O'Rourke actively supports a diverse workforce and strongly encourages applications from Aboriginal and Torres Strait Islander Peoples and people from culturally diverse backgrounds. Download our Stretch Reconciliation Action Plan at https://www.laingorourke.com/company/diversity-and-inclusion

Applications from recruitment agencies will not be considered.