Cyber Security Engineer

Eightcap is a dynamic online trading provider committed to delivering exceptional trading tools and professional insights that empower smarter trading decisions. Headquartered in Melbourne, Australia, with a global footprint across the UK, Cyprus, Bulgaria, and the Bahamas, we blend the agility of a fintech innovator with the stability of a regulated financial institution. The Cyber Security Engineer is responsible for delivering and continuously improving Eightcap’s security capabilities across security operations, cloud and corporate security architecture, identity and access, and GRC initiatives. The role contributes to protecting Eightcap’s trading platforms, client data, corporate systems, and global operations, while ensuring security supports innovation, regulatory compliance, and sustainable business growth. This role sits within an ‘engineering only’ security team. At Eightcap, all security team members are engineers, and responsibilities that may sit as separate functions in traditional security teams, including elements of SOC, GRC, architecture, and general security support across the business, are shared across the team by design. We prioritise reducing manual effort through automation, sophisticated tooling, and scalable engineering. Key Responsibilities • Deliver and improve security capabilities across cloud, corporate, and trading environments. • Build and maintain security tooling, controls, and automation to improve resilience and efficiency. • Contribute to system design, infrastructure changes, and technology decisions with a security focus. • Enhance detection, alerting, and response workflows to increase signal quality and reduce manual effort. • Support incident response, including investigation, containment, remediation, and post-incident improvements. • Strengthen cloud security architecture and partner with engineering teams to remediate risks. • Implement and improve identity and access controls, including MFA, SSO, RBAC, and privileged access. • Contribute to access governance, lifecycle controls, and automation of identity processes. • Support governance, risk, and compliance activities, including control implementation and audit readiness. • Provide practical security guidance to stakeholders across engineering, product, and business teams. • Improve operational playbooks, processes, and overall security visibility. • Contribute to a collaborative security culture with shared ownership across functions.