Cybersecurity Engineer | Aus

Harrison.ai
Hybrid

About The Position

As Cybersecurity Engineer, you will be a core contributor to the cybersecurity posture of a company where the stakes are real: our products are regulated, our data is sensitive, and the people who depend on our software are patients. You will work across Cybersecurity Governance, Risk & Compliance (GRC), technical security operations, and product-adjacent security activities, which means no two weeks look the same. The ideal candidate brings a foundation in either cybersecurity engineering or GRC, genuine curiosity about the streams you haven’t lived yet, and the drive to build things properly in a lean team. This is a broad, hands-on role that sits within the Compliance RAQA squad and works closely with engineering, product, IT, privacy and legal teams across the business. The role reports directly to the Head of Compliance & RAQA and has direct access to the CEO with meaningful visibility into strategic decisions from day one.

Requirements

  • Relevant degree in Engineering, Science, or Information Systems, or 5+ years of demonstrated experience owning security programs or workstreams in an Information Security, Network Engineering, or System Administration capacity
  • Demonstrated technical foundation in at least one of: SOC / security operations, networking, system administration, or software development, with the ability to provide credible security consulting to engineering teams
  • Experience managing or contributing substantially to an ISMS aligned with ISO 27001, including audit support and control evidence
  • Experience with GRC activities: risk assessments, control frameworks, policy development, and compliance monitoring
  • At least one security certification: CISA, CISM, CISSP, SANS, BSI, or equivalent
  • Strong written and verbal communication; able to translate technical risk for stakeholders at every level

Nice To Haves

  • Prior work in a regulated software environment (healthcare SaaS, medical devices, avionics, automotive, or similar) with direct exposure to product-level security obligations (IEC 81001-5-1, ISO 14971 in a cybersecurity context, or equivalent)
  • Experience with AI-based products or AI governance frameworks, including ISO 42001 or NIST AI RMF; familiarity with the EU AI Act's security and transparency obligations is a plus
  • Familiarity with ISO 13485 or ISO 9001 quality management systems, and how ISMS controls intersect with QMS obligations
  • Hands-on experience with enterprise security tooling at a comparable level of complexity. Harrison.ai's current stack includes CrowdStrike, CATO Networks, Mimecast, BeyondTrust, and AIM Security
  • Experience responding to enterprise security questionnaires and third-party vetting platforms (Drata, Vanta, OneTrust, UpGuard)
  • Experience in cloud security, including a cloud security certificate

Responsibilities

  • ISMS management and compliance. Manage and maintain the Information Security Management System, ensuring ongoing compliance with ISO 27001, GDPR, HIPAA, and other applicable frameworks.
  • Cybersecurity assessments and risk remediation. Conduct cybersecurity assessments and audits; triage and drive remediation of identified risks in collaboration with engineering teams.
  • Policies and documentation. Author and maintain cybersecurity policies, procedures, and controls documentation to support Cybersecurity and Governance requirements.
  • Technical security operations. Support cybersecurity operations and IT on technical security tooling, firewalls, networking, endpoint protection, and SIEM.
  • Security questionnaires and third-party vetting. Respond to bids, tenders, and third-party security vetting.
  • Security culture and awareness. Champion a security-first culture across the organisation: create awareness programs, run training, and embed security-by-design thinking into how teams work.
  • Data security and governance. Support data security and data governance initiatives across the organisation.
  • Demonstrably AI-forward. Uses AI in their own workflows and can point to concrete automations they have built or commissioned to take work out of IT and operations.

Benefits

  • yearly L&D budgets
  • mentoring
  • hackathons
  • secondments
  • WFH options
  • flexible hours
  • inclusive, thoughtful policies to support families in every stage