Title:  Senior Security Engineer

About John Holland

At John Holland, our purpose is simple – we transform lives with everything we do.

We’ve always known that infrastructure is about people — our customers, our employees, and the communities in which we work every day.

That’s our difference. Deep experience and capability with a genuine care about creating better lives for people along the way.

Be part of the team that’s up for the challenge of transforming lives for good.

About IT at John Holland

We’re at the forefront of AI in construction and are undertaking a large digital transformation. Our internal IT team is focused on providing service delivery excellence, optimised and resilient infrastructure, secure technology, innovative and scalable technology solutions, data driven solutions, and best in class digital experiences.

About the Cyber Security team

As one of Australia’s leading infrastructure builders, security is a critical part of assurance and protection for our staff, clients, and the Australian public. We work in a largely Microsoft ecosystem with Amazon Web Services cloud infrastructure, and manage risk, vulnerabilities, and compliance targets across these and all other enterprise solutions. Being a supporter of the business, we exist to keep our projects operating as efficiently and safely as possible while keeping our data, systems, and the assets that we create safe.

All alerts and incidents are raised through a 24/7 SOC provider and investigated jointly within the team to understand the environment and stop issues before they can escalate. All new ideas and technology are assessed with risk and opportunities appropriately managed. The team is close knit and although we operate independently on individual tasks, we share knowledge and support each other where help is needed.

Are you up for the challenge?

We are currently seeking a Senior Security Engineer to join our Information Technology (IT) team, based out of John Holland’s Flinders Gate office in Melbourne.

You will provide hands‑on security engineering support across Security Operations, with a focus on incident investigation and response, vulnerability management and remediation, as well as expert guidance to IT and business stakeholders across a range of security topics.

About the Role

• Act as a subject matter expert and assist managing security operations including alert management, incident response, vulnerability management etc
• Participate in threat hunting projects on internal systems
• Oversee vulnerability management through endpoint, server and infrastructure environments, prioritising and ensuring remediation based on risk and environment variables
• Develop a clear understanding of the JHG security technology landscape (AWS, Microsoft Endpoint, Network, IOT and low code apps) to best understand and share security requirements
• Develop security response playbooks with various teams within JHG to ensure an organised and timely response to security incidents
• Identify areas of improvement within the security operations environment
• Identify technical or process improvements in operational systems through continued monitoring and assessment
• Provide subject matter expertise in cyber security within various internal forums including architecture and change
• Establish and deliver roadmaps for cybersecurity operations in line with overall cyber security strategy
• Work closely with MDR provider to deliver alert, incident and threat hunting outcomes
• Assess and deliver improvements in security operations process policy and technology
• Demonstrate ownership, accountability and collaborate with cross-functional teams to develop, implement and manage security standards, plans/roadmaps and operational processes to secure the JHG technology platform that align with the cyber strategy
• Assess risk and risk mitigation plans for technology implementation
• Develop and maintain standard operating procedures for security operations
• Manage Cloud security compliance across AWS and Azure environments
• Develop continuous security automation actions
• Work closely with IT stakeholders to implement secure procedures and ways of working

About You

This position will require you to a hold a relevant qualification in Computer Systems, Information Technology, Cyber Security, or have substantial equivalent experience.

You bring strong problem‑solving and analytical skills, with previous experience in security operations roles. You have hands‑on experience securing large Microsoft and AWS environments, supported by deep knowledge of the Microsoft cloud security suite and experience working with cybersecurity frameworks and managing compliance requirements.

You are experienced in cloud infrastructure environments, including scripting, monitoring and automation, and have an awareness of and practical exposure to DevOps and SecOps practices. You take a practical, hands‑on approach to security engineering and enjoy working collaboratively to improve security outcomes.

As part of the team, you help us deliver on our promise to transform lives

Your success is reflected in ours, so we’re committed to being an employer of choice. We pride ourselves on having a diverse and inclusive workplace, as different perspectives and ideas will deliver our long-term success.

We want you to be with us for the long-term, so providing you with rich career experiences and ongoing development is our priority.

What’s in it for you

We’re about connecting your sense of purpose to ours. We understand that your career is one of the biggest ways to have an impact on the world. We also believe in supporting you as a whole person, not just an employee.

We reward and support our people in so many ways. This starts with being flexible about how different people like to work. From generous leave policies to wellbeing and relationship support, your needs sit at the heart of our employee benefits.

We offer:

Competitive remuneration with salary continuance, and salary sacrifice options.

Great leave benefits including 18 weeks paid parental leave with super and up to an extra 18 weeks of super paid on further periods of unpaid parental leave, multicultural leave exchange and two extra days to prioritise your wellbeing.

Career progression underpinned by our exciting pipeline of work means you’ll have the opportunity to work on iconic projects that are shaping cities and communities.

Learning and development opportunities where you’ll have access to emerging talent programs, building your career through clear career pathways, plus technical and leadership training and development opportunities.

Inclusion, diversity and equity is part of how we work. We want everyone at John Holland to feel that they belong – that’s why we’re working hard every day to foster a more inclusive culture, backed by a business-wide inclusion strategy to bring about meaningful change. We’ve also got active employee resource groups that support our commitments including those around gender equality and reconciliation.

Flexibility means different things to different people. Whether it’s flexi-hours, flexi-parenting, flexi-leave, flexi-shifts or flexi-work, we’re committed to helping our people work flexibly.