Careers at Fortian

Come and work with us

Fortian is always looking for talented individuals to join the team and achieve our and our customers' goals. If you'd like to work with a great team of security people in Sydney or Melbourne please get in touch at careers@fortian.com.au

We currently are looking for people to help us in the following areas, but if you think you have something else to bring to the team that we haven't specifically asked for below please let us know!


Security Consulting and Architecture

Overview

We are looking for enthusiastic security architects with a genuine passion for technology to join the team. The successful candidates will have the capability to deliver security & solution architecture services to our clients, have a strong technical background, 7+ years experience working in a security architecture or senior security consulting role, be highly motivated and have a strong desire to work on leading edge projects.

Purpose

Fortian consultants work closely with our clients to enable their businesses to leverage new technologies in a secure manner. These roles will consult with the business, project and internal technical practitioners to continually look for new opportunities to evolve and improve security through outlining conceptual and logical security models and controls, and update solution requirements to reflect the need for security. Through enforcement of security policy and designing solutions aligned to core security principles, our consultants assist in protecting our customers' critical information assets in line with their risk appetite.

Key Responsibilities

  • Develop and deliver security strategy, architecture and design for our customers;
  • Develop high-level and detailed security requirements relating to project initiatives;
  • Understand and track emerging threats and technologies and their relevance to security architecture;
  • Assume solution architecture and design duties as part of project teams;
  • Interface with internal security resources and liaise with external security experts and industry participants;
  • Clearly communicate security issues and risks to both technical and non-technical stakeholders; and
  • Produce clear and well documented architectural documentation and reports.

Experience

The successful candidate MUST have:

  • Minimum 7+ years working experience in solution / security architecture or design;
  • Experience working in large organisations in industry or in a professional services company;
  • Broad knowledge and experience across various information security domains;
  • Demonstrated ability to develop fit for purpose solutions to solve complex technical issues;
  • Significant experience in the end-to-end security project life cycle – defining security requirements, high level architecture, detailed design & implementation;
  • Proven technical (hands-on) experience, ideally with specialisation in a particular security domain; and
  • Excellent oral and written communication skills with a focus on consulting techniques and cross-team collaboration.

Highly Desirable

  • Previous exposure to security operations;
  • Previous experience with AWS and/or Azure;
  • Experience with security penetration and security code review methodologies;
  • Exposure to Agile projects;
  • Ability to promote the benefits of cyber security;
  • Ability to manage stakeholder relationships;
  • Effective time management skills and an ability to work to deadlines;
  • Relevant security certifications such as CISSP, CISA, CISM, SABSA, GIAC, TOGAF; and
  • Relevant tertiary (or equivalent) qualifications.

Benefits and perks

  • Great remuneration;
  • Awesome staff incentives that you don’t see every day;
  • A chance to sharpen your expertise through working with leading industry professionals;
  • Flexible working conditions;
  • Regular staff social activities which bring the company together and have some fun;
  • An ability to influence Fortian’s strategic bets – the new product and service offerings that we are taking to market; and
  • Challenging and interesting work.

Occasionally, some travel may be required domestically within Australia or internationally.

Candidates must be willing to obtain a security clearance, which may be required for work with some customers.

Security Development and Operations

Overview

The Security DevOps position is responsible for working in a DevOps team. It is a role that requires independent collaboration with business and risk teams, developers, operations engineers, scrum masters and product owners to achieve the ideal security outcome based on the risk posed to the business.

Security DevOps is a fledgling practice that allows flexibility with a broad range of responsibilities including traditional security consulting, automation, penetration testing, code reviews, development and risk assessment.

The ideal candidate will have either a security or development background with a strong understanding of both disciplines and the willingness to experiment and try new ways of achieving secure outcomes along with at least a few years of industry experience.

Key Responsibilities

  • Work with, and educate developers on secure coding and design;
  • Work with solution architects and designers to input security early in the solution lifecycle;
  • Build and enhance security automation services including code reviews and security testing;
  • As needed, perform penetration tests on components of solutions and coordinate with other penetration testing activities; and
  • Work with risk teams to provide the technical input into the risk management process.

Qualifications and Experience


Qualifications
  • Work with, and educate developers on secure coding and design;
  • Work with solution architects and designers to input security early in the solution lifecycle;
  • Build and enhance security automation services including code reviews and security testing;
  • As needed, perform penetration tests on components of solutions and coordinate with other penetration testing activities; and
  • Work with risk teams to provide the technical input into the risk management process.
Experience

Candidates must have both:

  • Ssecurity architecture or design, penetration testing or security consulting experience; and
  • Professional or non-professional experience as a developer.

Candidates should be able to demonstrate some level of active development, whether through professional experience, personal projects or contributions to open source projects.


Skills
  • Security architecture and design;
  • Application security skills;
  • Penetration testing;
  • Code review;
  • Development lifecycle;
  • Linux / Unix and networking fundamentals;
  • AWS and/or Azure security;
  • Containerisation and virtualisation;
  • Ability to code;
  • Scripting languages like Python, NodeJS, Bash will be useful;
  • An understanding of other languages like Java and .net will be useful for dealing with developers, but not required;
  • Business consulting; and
  • Advocacy and education.

Competencies
  • Communication – ability to communicate with technical resources, the business and risk;
  • Flexibility – ability to one day be working on a conceptual model, and the next day be hands on building tooling; and
  • Independence – the ability to balance multiple stakeholder interests while remaining focused on the ultimate goal.

Benefits and perks

  • Great remuneration;
  • Awesome staff incentives that you don’t see every day;
  • A chance to sharpen your expertise through working with leading industry professionals;
  • Flexible working conditions;
  • Regular staff social activities which bring the company together and have some fun;
  • An ability to influence Fortian’s strategic bets – the new product and service offerings that we are taking to market; and
  • Challenging and interesting work.