Specialist, Information Security
About The Position
The Information Technology (IT) team plays a key role in providing business enablement throughout ResMed. We are focused on application, infrastructure, and user productivity solutions, with innovation, efficiency and security. Our goal is providing customer oriented agile delivery, effective business partnership and state-of-the-art technology solutions. This global role within Resmed’s Enterprise Security Group is responsible for ensuring the confidentiality, integrity, and availability of Resmed’s information assets and computing infrastructure. We are seeking a seasoned and proactive Information Security Specialist to lead security risk assessments across cloud environments, third-party vendor solutions, and AI/ML-enabled products. The successful candidate will demonstrate strong technical expertise, risk analysis capabilities, and communication skills to engage independently with project teams, advise on secure design principles, and deliver high-quality reports that inform business decisions and support audit readiness. This position requires close collaboration with enterprise security leadership, business stakeholders, and technical teams across diverse time zones and cultures to ensure alignment between security strategy and organizational objective.
Requirements
- Proven ability to independently lead security risk assessment across diverse technologies.
- Exposure in third-party security risk management process and platforms.
- Strong understanding of key security areas including: Authentication, Authorization, Encryption, Application and Network security, DLP, Endpoint protection, CSPM, CASB, PAM, ZTNA, Logging, Monitoring, Vulnerability Management, and Incident response.
Nice To Haves
- Bachelor’s degree.
- Minimum of 5 years of related experience.
- Professional certifications such as CISSP, CISM, CCSP, CRISC, or AWS Security Specialty.
- Familiarity with regulatory and industry compliance framework, including ISO27001, SOC 2, GDPR, HIPAA, AI Risk Frameworks (NIST AI RMF, ISO/IEC 42001)
- Exposure and knowledge of AWS cloud security controls.
- Experience in healthcare or manufacturing environment is an advantage.
Responsibilities
- Lead security engagement across global projects, ensuring alignment of security practices with business and technical goals.
- Conduct end-to-end security risk assessments for cloud-native and hybrid deployments, including architecture and control reviews for new implementations and managed services.
- Evaluate third-party products during onboarding and integration to ensure security and compliance requirements are met.
- Lead security reviews of AI/ML-based products, focusing on secure product design, guardrail enforcement, and risk mitigation.
- Collaborate with project managers, product owners, architects, and developers to embed security throughout the SDLC.
- Communicate security risks and mitigation strategies in business-relevant language.
- Produce and maintain high-quality documentation, including risk assessments, security summaries, and remediation recommendations.
- Track risks and controls using GRC tools, ensuring traceability and accountability.
- Stay current with emerging technologies, threats, and best practices in information security.
- Contribute to continuous improvement of internal security frameworks and processes.
Benefits
- Challenging, supportive and inspiring career
- Culture driven by excellence
- Diverse and inclusive culture
- Encouraging individual expression in the workplace
- Innovative ideas are thrived upon
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
