Senior Systems Engineer - Infrastructure Security Operations

The role

The Senior Systems Engineer in the Core Infrastructure team is responsible for the security, resilience and operational integrity of the organisation’s server, virtualisation and endpoint platforms. The role ensures critical infrastructure is secure, monitored, patched and compliant with the ACSC Essential Eight, ISM and internal policies, supporting APRA’s technology and modernisation objectives. The position also provides advice to senior managers and recommends innovative solutions to IT issues, operating within APRA legislation and IT governance frameworks.

The team

Reporting to the Infrastructure Manager within the Technology division, the Senior Systems Engineer is a member of the Core Infrastructure team. Primary stakeholders are the Head of Central Services and CIO, other product teams within the Technology department and extends to all staff members within APRA as the Core Infrastructure provides the foundation for many of the Technology solutions at APRA.

Key accountabilities

• Perform daily vulnerability review, prioritisation and remediation planning, acting as the primary operational contact for Vulnerability Management.

• Administer, configure, maintain and optimise patch management platforms including WSUS and Ansible Automation Platform.

• Deliver daily, weekly and monthly SOE patching cycles, including reporting and compliance tracking.

• Conduct server SOE image hardening, lifecycle management, and alignment to ACSC Essential Eight, ISM and PSPF.

• Administer and maintain Qualys Vulnerability Management, including agents, dashboards, scanning schedules and remediation workflows.

• Configure, deploy and maintain Microsoft Defender for Servers across the server and infrastructure assets.

• Maintain and optimise application control solutions, including Microsoft AppLocker, AD GPO (SOE + Applocker)

• Support security uplift activities such as remediation actions, AD hardening and identity posture improvements.

• Administer and maintain Microsoft Defender for Servers, Defender 365 Portal, Azure Monitor and related cloud‑native security services.

• Configure, manage and maintain server monitoring platforms including SolarWinds, Azure Monitor and VMWare Lifecycle Manager monitoring components.

• Ensure continuous visibility and proactive identification of infrastructure health, and security events.

• Deliver infrastructure changes, upgrades and improvements with a security‑first approach.

• Maintain clear and accurate documentation for SOE, patching, vulnerability processes, security platforms and infrastructure components.

• Contribute to project delivery and platform uplift initiatives both autonomously and within cross‑functional teams.

• Support internal audits, compliance reviews and operational reporting requirements.

• Provide troubleshooting support for server and network-related issues.

• Perform after-hours maintenance and occasional interstate travel when required.

About you

• Strong experience with vulnerability management platforms (Qualys).

• Expertise in patch management: WSUS, Ansible Automation Platform, Azure Update Manager, SOE image lifecycle.

• Proficiency with endpoint security and application control: Defender, SEP, AppLocker, Airlock Digital.

• Deep experience with Windows Server, Active Directory, GPO Hardening, SOE configuration.

• Experience with VMware technologies, including Lifecycle Manager.

• Familiarity with server monitoring tools: SolarWinds, Azure Monitor.

• Experience administering Microsoft Defender for Servers and security portals (Defender 365).

• PowerShell scripting for automation and operational efficiency.

• Understanding of secure configuration frameworks such as ACSC Essential 8 / ISM / PSPF.

• Exposure to cloud environments (Microsoft Azure).

• Ability to interpret vulnerability scan results and drive remediation outcomes.

• Strong troubleshooting skills across server, infrastructure and network components.

To work with us you will need to be an Australian Citizen with the ability to gain an NV1 Security Clearance.

About APRA

Australian Prudential Regulation Authority (APRA) was established in 1998 as an independent statutory authority that supervises almost 1,200 financial institutions that manage $8.6 trillion in assets for Australians across the banking, insurance and superannuation sectors.

At APRA, we’re committed to providing an inclusive workplace where everyone belongs, feels valued and respected. We aspire to attract and foster diversity of background, thought, and experience, recognising that a broad range of perspectives, approaches and ideas makes us stronger, and better enables us to meet our obligation to protect the financial wellbeing of the Australian community. If you need any adjustments during the recruitment process, please inform at application stage so we can do our best to accommodate your requirements.