Principal Cloud Compliance Engineer I Brisbane, Adelaide, Perth

About the Role

The Principal Cloud Compliance Engineer role will be part of the BHP Cloud and Infrastructure, Cloud Services team. The focus of this role is to provide subject matter expertise on cybersecurity standards and service management requirements for the delivery of new or maintaining existing cloud platform capabilities. The candidate will develop and publish cloud platform designs and guidelines for BHPs Cloud Platforms and Cloud Services to deliver compliance to cybersecurity standards, meeting service management requirements, enabling sustainability and resiliency at scale.

• Development of the cloud platform security design framework, ensuring key controls are in place
• Development and execution of the alignment of the Cloud Platforms to the infrastructure, application and data security program, and associated performance metrics
• Review design documents, identify and communicate potential cybersecurity, operations and service management gaps
• Lead the implementation of secure cloud platform design patterns, towards enabling well understood, sustainable and repeatable infrastructure
• Drive the implementation of the secure and sustainable cloud design patterns
• Apply cybersecurity and privacy principles to cloud platform and services design (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Lead risk identification efforts and communication of the risks and mitigating controls to stakeholders to manage cybersecurity risks within the organisation
• Provide designs and assistance towards security services including platform, application security scans, code reviews to ensure secure infrastructure as code development, DevSecOps support, and cloud asset vulnerability management
• Develop Cybersecurity Cloud design patterns, reference architectures and standards using BHP architecture templates and modelling tools.

About You

As the successful candidate you will possess the following:

• 10 years of relevant experience in the industry (Mining, Resources, Banking or Telco), domain areas (Secure-by-Design Application or Platform Development, DevSecOps, Application Security, Cloud Security).
• STEM Degree in Computer Science, Technology, Engineering, or Management Information Systems
• Strong knowledge of AWS and Azure security services and features
• Experience with security and compliance monitoring tools and frameworks
• Familiarity with security best practices, such as IAM, encryption, and network security
• Extensive experience delivering cloud platform using infrastructure as code in a DevSecOps framework
• Understanding of industry regulatory and compliance requirements like FedRAMP, PCI-DSS, NIST, HIPAA
• Expert level in configuring and utilizing computer protection components (e.g., hardware firewalls, servers, routers, as appropriate) in general but also in particular for applications, O365 and Azure/AWS cloud environments
• Deep understanding of API-driven deployments and microservice design