Technical Architect - Threat & Vulnerability Management
Paxus · www.paxus.com.au
Are you a seasoned security professional with a talent for shaping enterprise vulnerability strategies? We are seeking an experienced Technical Architect to lead and shape threat and vulnerability management initiatives within a major financial services organisation. Based in Brisbane, this six-month contract offers a unique opportunity to influence security posture in a hybrid work setting by delivering hands-on solutions and strategic guidance across diverse technology domains.
In this role, you will serve as the technical leader for vulnerability management, designing, implementing, and refining processes that encompass the entire vulnerability lifecycle. Your expertise will help identify, prioritise, and remediate risks effectively while collaborating across teams and communicating clearly with technical and executive stakeholders.
What You Will Do
- Serve as the technical architect for threat and vulnerability management across the organisation’s enterprise environment, offering expert guidance and delivering hands-on solutions throughout the full vulnerability lifecycle.
- Design and implement comprehensive vulnerability scanning strategies using Qualys, including scan policy configuration, asset group management, and remediation tracking across on-premises and cloud infrastructure.
- Manage application security testing through Veracode, integrating scanning into the software development lifecycle and collaborating with development teams to resolve findings within agreed timeframes.
- Use Assetnote to monitor the external attack surface, identifying exposed or misconfigured assets and advising on risk mitigation strategies.
- Administer and optimise the ServiceNow Vulnerability Response module, ensuring vulnerability data is accurately reflected in the CMDB and that remediation workflows are functioning effectively.
- Develop clear, audience-appropriate reports on vulnerability posture, highlighting risks, trends, and remediation progress for both technical teams and senior stakeholders.
- Define and document vulnerability management processes, including triage criteria, service level targets, exception handling, and escalation pathways.
- Collaborate with cloud, infrastructure, application, and risk teams to ensure vulnerabilities are well understood, owned, and remediated across all technology domains.
- Contribute to the broader security architecture, providing input on how vulnerability management integrates with patch management, incident response, and risk governance processes.
What You Will Bring
Essential
- Proven experience as a Technical Architect specialising in threat and vulnerability management within large enterprise environments.
- Deep hands-on experience with Qualys, including scan policy design, asset management, dashboard configuration, and remediation reporting.
- Practical experience using Veracode for application security testing, with the ability to interpret findings and work collaboratively with development teams on remediation.
- Experience with Assetnote or similar external attack surface management tools.
- Strong working knowledge of ServiceNow, especially the Vulnerability Response module and its integration with the CMDB.
- Excellent communication skills, capable of presenting technical risks clearly to a broad range of audiences, from engineers to executives.
- Experience designing and documenting vulnerability management processes within regulated or enterprise frameworks.
- Ability to work independently in a contract environment with multiple ongoing work streams.
Nice to Have
- Experience within financial services or other highly regulated industries in Australia.
- Familiarity with security frameworks such as Essential Eight, NIST CSF, or ISO 27001.
- Relevant security certifications such as CISSP, GPEN, CEH, or similar.
- Experience working with cloud platforms like AWS, Azure, or GCP and understanding the specific vulnerabilities associated with cloud environments.
- Background in designing or reviewing security reference architectures at the
To be considered for the role, click the 'apply' button. For more information about this and other opportunities, please contact Nayana Lahoti on 07 3339 5616 or email nlahoti@paxus.com.au and quote the above job reference number.
Paxus values diversity and welcomes applications from Indigenous Australians, people from diverse cultural and linguistic backgrounds and people living with a disability. If you require an adjustment to the recruitment process, including the application form in an alternate format, please contact me on the above contact details.