Cybersecurity Specialist
BHP
About BHP
At BHP we support our people to grow, learn, develop their skills and reach their potential. With a global portfolio of operations, we offer a diverse and inclusive environment with extraordinary career opportunities. Our strategy is to focus on creating a safe work environment where our employees feel strongly connected to our values and objectives, and where the capability of our people is key to our success.
Come and be a part of this success.
About the Role
The role can be based in Brisbane or Perth
The focus of this role is to provide technical subject matter expertise focused on application security. The candidate will be responsible for deploying and maintaining various application security capabilities, as well as establishing the necessary standards and controls, as part of the DevSecOps framework with a focus on the cloud environment.
In this role you will:
- Support the development and maintenance of the application security framework, ensuring key controls are in place and operate effectively throughout the application development lifecycle.
- Support the development and execution of the enterprise-wide application security program and associated performance metrics.
- Provide application security services including application security scans, code reviews, threat modelling, DevSecOps support, API security and container security.
- Define the security requirements and control gates in the software development lifecycle, including the operational processes and integration of Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) in the CI/CD pipeline
- Advise on secure coding guidelines based on industry’s best practices such as OWASP Top 10, NIST, etc.
- Participate in the establishment and maintenance of the Cloud Security Posture Management capability for secure hosting of applications.
About You
- Strong experience in the industry (Mining, Resources, Banking or Telco), domain areas (Secure-by-Design Application Development, DevSecOps, Application Security, Cloud Security).
- Foundational and cybersecurity related cloud certifications (AWS, Azure preferred or equivalent).
- Very good understanding of Cybersecurity best practices, standards and guidelines (NIST, OWASP, CVE, CVSS, etc)
- Experience in Cloud Security Posture Management solutions, Secure Development Life Cycle (SDLC), CI/CD pipelines, and DevOps programming languages.
- Knowledge and experience of Technology processes, systems and relevant security tools.
- Certified as a Cyber Security Professional (CISSP and/or CISM preferred or equivalent).
- Relevant background in secure application development/application security testing in the cloud environment e.g. Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Container Security, Secrets Management
About Our Process
At BHP, we are committed to employing individuals who align with the BHP Charter Values and meet the requirements of the role. As part of the recruitment process, there are a number of checks which may be conducted to demonstrate applicants suitability for a role including police / criminal background checks, medical, drug and alcohol testing, due diligence checks, right to work checks, and/or reference checks.
If you are already employed directly by BHP, please log in using your BHP email address or apply via our internal jobs portal.
Supporting a Diverse Workforce
The size, stability and magnitude of our business not only provides significant opportunity for professional development, but also attractive salary packages with performance-based bonuses and a best-in-class employee share program. We know there are many aspects of our employees' lives that are important, and work is only one of these, so we offer benefits to enable your work to fit with your life. These benefits include flexible working options, a generous paid parental leave policy, other extended leave entitlements and parent rooms.
At BHP, we know that we are strengthened by diversity. We are an Equal Opportunity employer that is committed to making BHP a safe and inclusive workplace where everyone can thrive and be at their best every day. We are focused on creating a workforce that’s more diverse and represents the communities where we work and live. providing a work environment in which everyone is included, treated fairly and with respect. We are an Equal Opportunity employer and recognise that true diversity includes gender, age, race, disability status, sexual orientation, religion, neurodiversity, education levels, and many more aspects of your identity.
BHP is committed to providing a recruitment process that is fair, equitable and accessible for all. If you have a disability, we know that it may be helpful for us to adjust our process to make it equitable for your individual situation. If you would like to reach out to someone about your situation and our recruitment process, please email us at [email protected].