Specialist, Offensive Security Assessment

At IAG, we’re ready for you. We're the largest general insurance group in Australia and New Zealand. Our family of brands turns the IAG purpose of making your world a safer place into action by helping everyday Aussies and New Zealanders, supporting their ambitions and making insurance accessible.

Help protect what matters at IAG. As part of our frontline cyber defence team, you’ll play a critical role in safeguarding our digital and information assets from increasingly sophisticated threats.

In this role, you’ll identify vulnerabilities, drive remediation actions, and strengthen configuration compliance across our environments. Your work will directly reduce risk and help protect our customers, people, and business from potential cyber-attacks.

A major cyber incident could have serious consequences for IAG—this team is one of the key lines of defence. That means your impact will be real, visible, and essential.

If you’re passionate about cyber security and want to make a meaningful difference, this is your opportunity to help create a safer digital world.

What You’ll Do

• Conduct cloud security assessments, including configuration reviews and container/Kubernetes posture
• Perform threat modelling for cloud-native applications
• Support and review cloud security controls (CSPM, CWPP, CNAPP)
• Enable DevSecOps practices and strengthen CI/CD pipeline security
• Develop security automation, detection capabilities, and improve service efficiency
• Ensure vulnerability scanning, coverage optimisation, and compliance validation across infrastructure
• Collaborate with stakeholders to drive effective remediation, prioritisation, and asset visibility
• Maintain dashboards, document assessment outcomes, and continuously improve processes, policies, and service delivery

This is a permanent role and offers a flexible hybrid work model based anywhere in Naarm (Melbourne).

What You’ll Bring

• Strong experience securing cloud platforms such as AWS, Azure, or Google Cloud
• Hands-on knowledge of container security, including Docker and Kubernetes
• Familiarity with scripting and automation using tools like Python, PowerShell, or Bash
• Solid understanding of networking and cloud-native architecture patterns
• Experience with vulnerability management and cloud configuration tools
• Knowledge of security frameworks and standards such as CIS Benchmarks, NIST CSF, ISO 27001, PCI-DSS, and CVSS
• Exposure to ticketing and workflow tools like ServiceNow, Jira, or Wiz
• Technical background in application development or web technologies, with experience assessing web application security in cloud environments

What We Offer

• Boosted superannuation with 13% as standard.
• 20 days annual leave + 5 days MyLeave (extra leave for what’s important to you).
• Work from home and many more flexibility options with myFlex.
• Up to 50% off personal insurance, including home and motor insurance.
• Partner discounts on private health insurance, tech & appliances, and many more.
• Industry-leading 20 weeks paid parental leave.
• Access to LinkedIn Learning, the award-winning IAG Academy, study assistance and secondment opportunities.

*employment type eligibility criteria apply

Applications close: Sunday 21 June 2026 11:59PM AEDT

Adjustments and Support

If you require any support or adjustments to participate equitably in our recruitment process, we encourage you to reach out to [email protected] for a confidential conversation.

More About Us

As part of IAG you'll enjoy a world of career opportunities, a purpose-led place focused on creating connection and belonging, and where you can create meaningful impact every day and grow your career beyond the expected. That’s not just words. It’s our people promise. We're ready for you with unexpected opportunities for your career, your work-life and your ability to make a difference. We celebrate all viewpoints shaped by life experiences and culture, and are guided by the knowledge and voice of Aboriginal and Torres Strait Islander peoples, businesses, and communities. We collaborate on Indigenous-led solutions that enable growth and create meaningful change for our customers and employees.