Overview
Did you know?
The mission of the Australian Federal Police is to provide dynamic and effective law enforcement to the people of Australia. It provides policing throughout Australia in relation to the prevention and detection of crimes against the Commonwealth, its laws and integrity, and community police services to the Community of the ACT. Working for the AFP provides you with a diverse and rewarding career. Whether you immerse yourself in a position on the frontline, or provide critical operational or professional support, the work you do makes a big impact on the people of Australia. We're committed to looking after you, with some of the best benefits and conditions in the industry – including (but not limited to):
* Six weeks (30 days) of paid annual leave per year + additional paid Christmas stand down
* 4 extra days of mandatory rest leave per year
* 18 days of paid personal leave per year
* Generous superannuation of 15.4%
* 18 weeks paid Parental Leave for Primary Caregiver (and 14 weeks for Secondary Caregiver) + additional unpaid leave entitlements for up until 24 months from the child's date of birth or placement
* Generous salaries and incremental salary progression governed by the AFP Enterprise Agreement
* Flexible and hybrid working arrangements that support work-life balance
* Health & wellbeing services – with a focus on early intervention, education and prevention
* Access to ongoing training and professional development opportunities
What is the role?
The Technology Operations & Chief Information Officer Command (TOCIO) is seeking passionate, and suitably skilled and experienced Cyber Security Analysts to join our unified Security and Network Operations Centre (SNOC) in Cyber Defence with a strong team culture, where collaboration, trust, and shared accountability underpin how we operate. As a team member you will help protect the availability, integrity and security of AFP's critical systems and services that enable policing operations and outcomes.
The SNOC is responsible for continuous integrated security and network monitoring, incident detection, triage, response and escalation of potential threats and operational incidents in real-time. The SNOC combines cyber security operations with network operations to provide end-to-end visibility of AFP's ICT environments.
What will you do?
* Support and mentor junior staff to build operational capability and confidence.
* Monitoring Security Information and Event Management (SIEM) tools and other security and network monitoring platforms for threats, faults, and performance degradation.
* Detect, triage, investigate and respond to cyber security incidents and network events.
* Escalating incidents as required to the Hunt and Incident Response team for further investigation and action, in line with severity impact and playbooks.
* Escalating significant network performance issues and faults to the Network Operations team for analysis and remediation.
* Correlate security alerts with network and infrastructure telemetry to determine root cause.
* Resolving minor incidents and false positives.
* Maintain accurate incident records, logs and handover notes.
* Collecting, assessing and reporting threat intelligence to inform appropriate stakeholders and improve accuracy and effectiveness of monitoring efforts.
* Contribute to the development improvement of detection rules, alerts and playbooks.
* Work Collaboratively with cyber security, network, platform and applications teams.
* Identify recurring issues and recommend improvements to reduce operational risk.
* Participate in exercises, training and capability uplift activities.
* Adhere to operations, security and compliance requirements.
Essential Requirements
* You must be an Australian Citizen at the time of application.
* A Negative Vetting 1 (Secret) security clearance or the ability to obtain one.
* Demonstrated and hands-on experience with SIEM and SOAR platforms in a live environment.
* Sound understanding of enterprise networking concepts, protocols, and technologies.
* Strong analytical and problem-solving skills with the ability to work under pressure.
* Understanding of cyber security frameworks, threat vectors and attacker techniques.
* Ability to upskill and learn new tools as required.
Desirable Requirements
The following skills and/or experience would be highly regarded:
* Relevant qualification or extensive experience in Cyber Security, or Computer Science.
Additional Information
* Positions are available in Canberra, Sydney, Perth and Melbourne. Flexible and hybrid work arrangements will be considered.
* No feedback will be provided to candidates who do not progress to interview.
Commitment to Diversity & Inclusion
We\'re all individuals and we love that. At the AFP we value the different perspectives, approaches and lived experiences of our people, and recognise that our collective intelligence and diversity is what makes us stronger. As such, we encourage applications from people from all walks of life, including people from culturally and linguistically diverse backgrounds, First Nations people, women, the LGBTQIA+ community and people with disability.
Contacts and Closing Information
Contact Officer: Tijana Delov
Contact Officer Phone: 02 5127 2525
Contact Officer Email: Tijana.delov@afp.gov.au
Applications Close: 11:59pm (AEST) 02/06/2026
#J-18808-Ljbffr