OneMain Financial Jobs

About the role

As a Security Engineer, you will make an impact by serving as the named, accountable owner of all security and platform controls that protect a government support service’s production environment=You will be a valued member of the Technology & Security team and work collaboratively with the CISO, infrastructure engineers, compliance stakeholders, and third-party audit teams to ensure the organisation’s security posture remains robust, auditable, and continuously improving.

In this role, you will:

· Own end-to-end security controls across endpoint (Intune), identity (Entra ID), network access (Zscaler), and cloud platform (Azure) as a single, integrated security boundary protecting PII-bearing production systems

· Design, operate, and continuously improve Conditional Access policies, device compliance rules, and least-privilege access controls in alignment with ISM requirements and IRAP expectations

· Systematically identify, track, and close penetration test findings and audit remediation items with clear, reproducible evidence of control effectiveness

· Prevent security control drift by proactively monitoring all four domains and acting as the escalation point for security-critical platform incidents

· Maintain audit-ready documentation of all security decisions, configuration changes, and control evidence to support ongoing compliance obligations

What you need to have to be considered

· Demonstrated hands-on ownership across all four domains — Microsoft Intune, Entra ID, Zscaler (ZIA & ZPA), and Azure — including design, operation, and remediation in a production environment handling sensitive or regulated data

· Proven experience designing and maintaining Conditional Access policies, device compliance frameworks, and MFA/authentication strength controls that integrate device posture, identity signals, and network access decisions

· Practical experience closing formal penetration test findings in a systematic, documented manner with auditable evidence of remediation

· Working knowledge of the Australian Government Information Security Manual (ISM) and IRAP assessment processes, including alignment of platform configurations to ISM controls

· Strong documentation discipline — you write up configurations, decisions, and remediations in a way that is reproducible and audit-ready without prompting

These will help you stand out

· ASD-certified IRAP Assessor status or direct experience working within a formally IRAP-assessed environment

· Zscaler certifications (ZCCA-IA or ZCCA-PA) and/or Microsoft certifications across SC-300, MD-102, or AZ-500

· Prior experience in a named control-owner or security-accountable role within a government-adjacent, health, or regulated community services environment

· Familiarity with Windows Defender Application Control (WDAC) policy authoring and enterprise Windows Autopilot deployment at scale

· Experience presenting control evidence and security posture updates to non-technical compliance or audit stakeholders

Cognizant is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.