Your role at St John of God Health Care
As a Senior Cyber and Operational Technology Security Engineer you will be at the heart of our security operations, helping to safeguard the organisation from cyber threats. You will be responsible for the design, implementation and maintenance of the digital security systems and processes that protect our caregivers, patients, and information. Additionally, you will be responsible for overseeing cyber security engineering of St John of God Health Care’s Operational Technology (OT) – including facilities, clinical / medical operational technologies, and associated Internet of Things (IoT) devices – to protect, detect and respond to cyber threats across the organisation.
The Position
- Building, operating, and continuously improving cybersecurity tools and processes
- Act as the senior SME for integrated OT, cloud, and data security, providing authoritative technical guidance on secure architecture, design patterns, and control implementation.
- Support the design and maintenance of OT security reference architectures aligned to Australian regulatory requirements and industry standards (including AS/IEC 62443 and Purdue principles), incorporating segmentation, DMZs, and least-privilege remote access.
- Establish and maintain OT asset discovery and inventory using passive, protocol-aware techniques, and configure and tune monitoring and anomaly-detection capabilities in safety-critical environments.
- Provide senior technical input to IT/OT network segmentation initiatives in collaboration with network, facilities, and engineering teams.
- Provide technical oversight and integration guidance for enterprise security platforms (including SIEM, XDR/EDR, CASB, vulnerability management, and firewalls), including OT telemetry integration, in collaboration with SOC/MSSP providers.
- Establish and maintain visibility, security baselines, and monitoring for IoT and connected devices supporting facilities and clinical operations, ensuring OT‑safe methods that protect service continuity and safety.
- Define and maintain OT-appropriate vulnerability, patching, cyber risk controls, and change management approaches that balance cyber risk reduction with clinical safety and service availability.
- Define, implement and assure OT vendor and supply‑chain security controls, including secure remote access patterns (jump hosts, MFA, time‑bound access, monitoring), contractual security requirements, and validation of third‑party controls for clinical and facilities technologies.
- Lead OT cyber risk assessments and security uplift planning aligned to AS/IEC 62443 concepts (e.g., zone/conduit design and target security levels), ensuring risk treatments are practical for safety‑critical operations and clinical environments.
- Provide senior technical input into cyber incident preparedness and response across IT and OT environments, including developing OT-safe runbooks, supporting incident detection and remediation, and contributing to exercises and readiness assessments.
- Coordinate with internal stakeholders and external vendors to investigate, resolve, and document incidents, ensuring root-cause analysis and lessons learned inform future improvements.
You will have senior technical expertise in OT security and architecture, with demonstrated experience integrating OT controls with enterprise cyber security capabilities (e.g., SIEM/XDR, identity controls, and data protection/DLP) where OT systems interface with IT or cloud platforms. Additionally, you have strong experience supporting cyber incident response and management activities across IT and OT environments.
To succeed you will be Tertiary qualified in Information Systems, Cyber Security or a related discipline, or have at least three years’ experience in equivalent roles. You will also hold relevant Security Certifications (CSEC, CEH, OSCP, vendor certifications, etc.).
Above all, people will be at the core of everything you do, committing to and supporting our Mission and Values.
We can offer you
- Highly competitive remuneration
- Permanent full-time position working 76 hours per fortnight
- Located at Perth CBD (Kings Square) or Melbourne CBD (Collins St) offices
- Salary packaging up to $18,550 on a range of benefits such as mortgage, rent, meal entertainment, holiday accommodation or other everyday living expenses as well as options to salary package benefits above the FBT cap on items such as:
  - Novated leasing
  - Work-related expenses
  - Self-education
  - Additional superannuation
- Employee discount on St John of God Hospital & Medical Services and Private Health Insurance
- Employee support through our dedicated free Employee Assistance Program (EAP)
- A healthy work-life balance through flexible work options, additional purchased leave and well-being programs
- Access to a range of Lifestyle, Health & Wellbeing rewards and discounts
- Paid Parental Leave
- End of trip bike and shower facilities (Perth only)
- Close to Public Transport
If suitable applicants are identified, the advertisement may close prior to the listed date, and screening/interviews may commence throughout the advertising process.
Please note unsolicited applications from recruitment agencies will not be accepted.
St John of God Health Care embraces diversity and strongly encourages applications from Aboriginal and Torres Strait Islander peoples and people with disabilities. We are committed to providing a safe environment for all children and vulnerable people in our care and proactively take measures to protect children/vulnerable people from abuse.