Cyber Vulnerability & Patching Specialist
As the Cyber Vulnerability & Patching Specialist, you will be responsible for the identification, prioritisation, and remediation of vulnerabilities across Superloop’s IT environment.
Company Overview
Founded in 2014, and listed on the ASX since 2015, Superloop’s purpose is to enable better internet for Australian homes and businesses, by enabling challenger retail brands to take a larger share of the market, leveraging Superloop’s Infrastructure-on-Demand platform.
Superloop operates in three segments of the market: consumer connectivity, business network and security solutions, and wholesale connectivity, all of which leverage Superloop’s investments in physical infrastructure assets including fibre, subsea cables and fixed wireless, as well as Superloop’s software platforms. Hundreds of thousands of homes and businesses rely on Superloop every day for their connectivity needs.
Visit www.superloop.com to learn more.
Business Unit Overview
The Security team reports through to our Operations unit, which is the engine room of Superloop - responsible for maintaining and supporting all of our products and internal technical infrastructure to ensure the best possible service to both our customers and our very own business. Our Operations unit is responsible for ensuring that the business has the technical capability and capacity to deliver services to all Superloop customers ranging from Home Broadband to International Wholesale. Our Security team has broad responsibility for securing both the corporate network and the external customer-facing networks and portals.
Role Purpose
As the Cyber Vulnerability & Patching Specialist, you will be responsible for the identification, prioritisation, and remediation of vulnerabilities across Superloop’s IT environment. This hands-on role is critical in reducing the organisation’s cyber risk exposure by maintaining patch compliance across all server and workstation operating systems, third-party applications, and Microsoft Office products. You will play a key role in the vulnerability management lifecycle, leveraging Rapid7 and other patch management tools to ensure timely and secure remediation of known threats.
Key Responsibilities
- Monitor and manage vulnerability detection and remediation activities using Rapid7 and other security tools.
- Track, validate, and prioritise vulnerabilities based on severity, asset criticality, and business impact.
- Coordinate and execute patch deployment for Windows, Linux, and macOS workstations and servers in line with the approved change window and risk tolerance.
- Own the deployment and compliance of Microsoft Office and third-party software patches across all user endpoints.
- Maintain an accurate record of patch status and exceptions and produce regular compliance reports for IT and Cyber leadership.
- Collaborate with infrastructure, desktop, and application teams to coordinate patch testing and avoid business disruption.
- Ensure patching activities are aligned with cybersecurity policy, vendor recommendations, and industry best practices.
- Participate in continuous improvement of patch management processes, including automation, reporting, and scheduling.
- Investigate and resolve patch-related issues or failures and maintain clear documentation of root causes and remediation.
- Stay up to date with vendor security advisories, zero-day vulnerabilities, and emerging threats to assess impact on the environment.
- Ensure patches are validated prior to wider deployment.
- Assist with the development and maintenance of standard operating procedures for patch management and vulnerability remediation.
- Support audit and compliance requests relating to vulnerability management and patching controls.
- Participate in cyber incident response as required, including remediation of exploited or high-risk systems.
Qualifications and Experience
- Proven experience in patch management, vulnerability remediation, or systems administration in a mid-to-large IT environment.
- Strong working knowledge of Windows Server, Windows 11, Linux distributions (e.g. Ubuntu, RHEL), and macOS operating systems.
- Familiarity with vulnerability management tools, ideally Rapid7 InsightVM.
- Experience using patch deployment tools such as WSUS, SCCM/MECM, Intune, or Ansible.
- Understanding of CVSS scoring, risk prioritisation, and vulnerability lifecycle management.
- Comfortable working in production environments with a disciplined approach to change and release management.
- Strong analytical and troubleshooting skills with attention to detail.
- Ability to work independently while collaborating effectively with cross-functional teams.
- Familiarity with Microsoft Office patching and update channels.
- Experience working in environments governed by cybersecurity frameworks (e.g. Essential Eight, ISO 27001, NIST) is an advantage.
Key Deliverables
- Maintain >95% patch compliance across all supported operating systems and Microsoft Office applications.
- Ensure timely remediation of critical and high-severity vulnerabilities in line with SLAs.
- Deliver monthly reporting on vulnerability and patch status to Cyber and IT leadership.
- Reduce time to remediation and improve patching success rates across the environment.
- Support internal and external audits with documented evidence of patch management controls.
- Maintain a stable, secure environment by proactively investigating known patch breaks and testing patches prior to wide deployment.
- Department: Operations
- Locations: CBD Business Centre Colombo