Senior Security Engineer

Hi, we're PEXA

We know you'll Google us before applying, so let's keep this brief. PEXA revolutionised the way that property is settled in Australia, turning a paper-based process into a digital one. Our solution is a world-first, with over 500 people across Australia and an expanding international team, we're helping 20,000+ families into their homes each week.

We're passionate about solving problems for our customers – always striving to set the standard for how property is bought and sold. Being awarded as one of the best places to work in Australia is a recognition of our culture and commitment to innovation, customers and our community.

We're growing fast, that is where you come in.

We believe our success in Australia is worth sharing and that our proven technology will advance how the UK buys and sells homes.

Establishing ourselves within the UK in late 2020, we are committed to collaborating with lawyers, conveyancers, lenders, government and the property industry, to set the new standard for both remortgages and buying and selling property.

Why become a PEXArian?

Great question Being a PEXArian is so much more than just a job. We're a passionate, motivated and unashamedly enthusiastic bunch at PEXA – we love what we do and we're proud to admit it Creating brilliant experiences for our members and their clients wouldn't be possible without ensuring we deliver an exceptional employee experience.

Here's a snapshot of what your life at PEXA could look like:

Your growth:

We encourage you to hit your personal and professional learning and development goals with our tailored programs and tools.

Your wellness:

We care about your holistic wellbeing

Your work/life blend:

We know that work is just one aspect of your life – we want to help you create your ideal work/life blend, rather than squeezing in life around work.

The Senior Security Engineer will provide hands-on technical leadership within the UK, ensuring that cyber security strategy and architecture defined by AU are implemented effectively across UK subsidiaries, aligned with local jurisdictional compliance requirements.

This role bridges between AU Security, outsourced partners, and UK subsidiaries (Optima, Smoove, Legal Eye, Amity Law), ensuring successful delivery of projects, uplift initiatives, and BAU operational excellence.

This position will own UK technical approvals, impact assessments, and project-specific security delivery, acting as the local escalation point for incidents and implementations.

Maintenance and Operational Security

• Control Effectiveness: Ensure all security solutions (e.g., firewalls, EDR, WAF, posture management) remain operationally effective through regular checks and coordination with cross-functional teams.
• Patch & Vulnerability Management: Ensure technical teams timely patch applications, systems, software, and hardware; address findings from vulnerability scans or penetration tests, remediating directly where possible or coordinating with system owners.
• Configuration Management: Maintain and audit secure configurations for devices, applications, and cloud environments, ensuring alignment with approved baselines and CIS benchmarks.

Access Control and Identity Management

• Reviews: Conduct regular user and privileged account reviews, ensuring least-privilege principles and appropriate role-based access control.
• Monitoring: Manage and monitor Privileged Identity Management (PIM) profiles and elevated access accounts.
• JML: Coordinate with IT and HR for onboarding/offboarding to ensure access consistency and policy compliance.

Tool, Infrastructure, and Encryption Management

• Maintain and optimise security infrastructure and tools, including firewalls, antivirus, WAF, cloud security posture management, and endpoint protection solutions.
• Oversee encryption key and certificate management, ensuring secure communication and data protection across systems.
• Work with vendors and internal teams to ensure tools remain current, licensed, and integrated effectively.

VPN, Network & Firewall Security

• Design, configure, and maintain secure VPN and Zero-Trust network solutions for remote access and inter-site connectivity.
• Manage access controls, MFA policies, and authentication mechanisms (certificates, SAML, device posture checks).
• Administer and maintain network firewalls, including policy creation, rule optimisation, segmentation, and change management.
• Collaborate with the SOC to investigate network-related incidents and participate in periodic penetration testing and remediation.
• Document network topology, firewall rules, and VPN configurations; ensure compliance with internal standards.

Endpoint Security

• Deploy, manage, and monitor Endpoint Detection & Response (EDR) and associated endpoint controls.
• Maintain secure endpoint baselines covering patching, encryption, and vulnerability remediation.
• Integrate endpoint compliance and posture assessments with MDM platforms (e.g., Intune).
• Work with the SOC on endpoint incident investigations and automate endpoint configuration workflows where possible.

DevSecOps & Application Security

• Provide hands-on security guidance to development teams throughout the software lifecycle.
• Embed security into CI/CD pipelines ("shift-left") — including SAST/DAST, dependency management, and IaC security reviews.
• Contribute to secure cloud architecture and application design, ensuring alignment with global reference architectures.
• Support application security testing, sign-offs, and remediation of vulnerabilities across development and cloud environments.

Monitoring, Threat Management & Incident Response

• Collaborate with the SOC team to monitor, investigate, and triage security alerts and incidents.
• Conduct log and event analysis to support proactive detection and response.
• Participate in incident response, root cause analysis, and post-incident reviews to strengthen preventive controls.

Governance, Compliance & Continuous Improvement

• Maintain accurate documentation of network, endpoint, and security control configurations.
• Support compliance efforts against frameworks such as ISO 27001, SOC 2, CIS benchmarks, and Cyber Essentials Plus.
• Participate in change management, risk assessments, and architecture reviews to identify potential security impacts.
• Identify process optimisation opportunities, automate repetitive tasks, and drive continuous control improvement.

Awareness & Training

• Assist with internal security awareness initiatives, including phishing simulations and staff training programs.
• Promote a culture of security accountability across business units through practical engagement and education.

Partner & Vendor Engagement

• Serve as the primary UK liaison with third-party security partners for 24/7 SOC, firewall, and network operations.
• Ensure outsourcing arrangements deliver effective outcomes while maintaining internal ownership and oversight.
• Collaborate with AU procurement and security leadership on vendor performance and contractual governance.

Security Advisory & Collaboration

• Provide security consultancy and expertise to IT, DevOps, and Infrastructure teams during system upgrades and new deployments.
• Contribute to vulnerability management and remediation planning across diverse technology stacks.
• Evaluate emerging tools, frameworks, and security technologies, leading proofs of concept and advising on procurement.
• Support penetration testing, application reviews, and other proactive security improvement initiatives.

• Proactive, can-do attitude to get things done quickly and efficiently.
• Strong collaboration and communication skills.
• Willingness to contribute ideas to the security programme.
• Demonstratable first-hand experience in achieving organisational adherence to security best practices.
• Experience in the practical protection of a remote working laptop estate and SaaS cloud solutions.

o Experience in identity and access management solutions.

o Experience in device business automation and updates.

• Experience in the security aspects of cloud web application hosting and defence measures like WAF.

Technology product specific desirable skills:

• Palo Alto Cortex ERD
• Palo Alto Global Protect VPN
• Palo Alto Prisma Cloud Firewall
• Nucleus vulnerability management
• Airlocker application whitelisting
• Trend Micro and Abnormal email security
• OKTA / Entra IDAM

Sounds like you?

We at PEXA are ready so if this role sounds like you apply today.

To be conducted as part of post offer employment checks:

The personal information we have collected from you will be shared with Cifas who will use it to prevent fraud, other unlawful or dishonest conduct, malpractice, and other seriously improper conduct. If any of these are detected, you could be refused certain services or employment. Your personal information will also be used to verify your identity. Further details of how your information will be used by us and Cifas, and your data protection rights, can be found at [Cifas].

GDPR Compliance

Digital Completion UK Limited (trading name "PEXA"), Optima Legal Services Limited (trading name "Optima Legal") and Smoove Limited (a holding company which comprises of the following wholly owned trading Subsidiary companies: United Legal Services Limited, United Home Services Limited, Legal-Eye Limited, and Amity Law Limited) are all owned directly by DigCom UK Holdings Limited, which is a wholly owned Subsidiary of PEXA Group Limited in Australia (ACN ; ASX: PXA) (referred to collectively as "PEXA Group").

When we process your applicant personal data for recruitment purposes, we do so as a controller. If as part of the recruitment process, we share your personal data with another company within the PEXA Group, that company may process your personal data as either an independent controller or, in certain circumstances, a joint controller. By applying for this role, you consent to us processing your personal data in accordance with the UK General Data Protection Regulation ("UK GDPR") and the Data Protection Act 2018, and further information can be found in our privacy notice .