Level 3 Security Operations Engineer - Managed Services

About us:

At NCS Australia, we believe in doing technology services better. Our commitment to quality, focus on people, and willingness to challenge traditional thinking set us apart. Our team brings this belief to life by partnering with our clients and communities to make tomorrow together.

We are committed to creating an environment that prioritises innovation, collaboration, and purposeful work. Our diverse team is empowered to make a meaningful impact with curiosity, creativity and resilience to shape better outcomes. Join us and accept the challenge of creating a better tomorrow.

Job Description

As a Level 3 Security Engineer, you will be a senior technical escalation point within our Managed Services Security Operations team, responsible for incident response, vulnerability management, cloud security, security automation, and compliance.

This role requires deep expertise in network security, endpoint security, cloud security, and automation across technologies such as Cisco ASA, Cisco ISE, Cisco Umbrella, Checkpoint Firewalls, Microsoft Sentinel, Microsoft Defender, CrowdStrike, Splunk, and cloud platforms (AWS, Azure, GCP). You will play a key role in incident detection, response, and remediation, along with ensuring compliance with security frameworks.

You will engage with clients during incident management, compliance reporting, and security advisory discussions, acting as a trusted security expert. Additionally, you will contribute to security automation using Infrastructure as Code (IaC) platforms like Terraform and Ansible and work on automated security playbooks for response workflows.

Your responsibilities will also include leading security investigations, managing cloud security postures, mentoring junior analysts, and collaborating with other teams to enhance security capabilities.

This role plays a crucial part in enhancing the security posture of client environments, ensuring operational resilience, and minimizing security risks through proactive and reactive measures. You will work in a fast-paced, client-focused managed services environment, continually improving security operations while balancing risk management and business needs.

This position exists due to business growth and offers an opportunity to work in a dynamic, customer-focused environment, ensuring the security and resilience of managed services environments.

Qualifications

Security Incident Response & Management
- Utilize infrastructure monitoring tools alongside SIEM solutions (Microsoft Sentinel, Splunk) to detect and investigate security threats.
- Act as a Level 3 escalation point for security incidents across network, endpoint, and cloud environments.
- Perform deep-dive forensic analysis to determine the root cause of security breaches and incidents.
- Lead incident response coordination across multiple teams, ensuring rapid containment and mitigation.
- Develop and implement automated response playbooks for common security incidents.
- Conduct post-incident analysis to improve response playbooks, detection capabilities, and security defenses.

Client Engagement, Compliance Reporting & Stakeholder Communication
- Act as a security advisor for clients, assisting with compliance requirements and security risk assessments.
- Serve as a trusted security advisor to clients, ensuring clear communication of risks, incidents, and security improvements.
- Participate in incident response briefings with customers, ensuring transparency and post-incident reporting.
- Provide detailed compliance reports aligned with industry standards and security best practices.
- Support client security reviews, audits, and governance reporting.
- Participate in customer-facing meetings to provide updates on security incidents, compliance status, and recommended mitigations.
- Develop and present technical reports and security metrics to both technical and non-technical stakeholders.
- Work collaboratively with internal teams, external vendors, and customers to align security initiatives with business needs.
- Provide guidance on security best practices and assist clients in developing security strategies tailored to their environments.

Vulnerability Management & Reactive Threat Hunting
- Oversee vulnerability assessments and ensure timely patching of critical security risks.
- Utilize CrowdStrike, Microsoft Defender, and cloud-native security tools for threat intelligence and endpoint monitoring.
- Conduct reactive threat hunting based on alerts, indicators of compromise (IOCs), and security incidents.
- Provide recommendations for remediation and risk mitigation based on vulnerability assessments.

Cloud Security & Compliance
- Manage security controls and hardening practices for AWS, Azure, and GCP environments.
- Implement cloud-native security solutions, including AWS Security Hub, Azure Security Center, and GCP Security Command Center.
- Ensure compliance with frameworks such as ISO 27001, SOC 2, NIST, and CIS benchmarks.
- Conduct cloud security posture reviews and enforce security best practices.

Security Automation & Infrastructure as Code (IaC)
- Develop and maintain security automation workflows using Terraform, Ansible, and Python.
- Automate security monitoring, incident response, and policy enforcement.
- Implement CI/CD pipelines for security compliance testing and infrastructure hardening.
- Leverage API integrations to enhance security tooling interoperability.

Security Policy, Governance & Change Management
- Ensure adherence to ITIL-aligned security change management processes.
- Lead and approve security configuration changes for firewalls, SIEMs, and endpoint security platforms.

On-Call Support & Availability
- Participate in a rotational on-call roster for after-hours security incidents and escalations.
- Provide expert guidance during security breaches, ransomware attacks, and advanced threats.
- Support business continuity and disaster recovery planning from a security perspective.

Knowledge Sharing and Mentorship
- Act as a technical mentor to Level 1 and Level 2 engineers, providing guidance, training, and hands-on coaching.
- Lead internal technical knowledge-sharing sessions, ensuring continuous skills development across the team.
- Develop and maintain standard operating procedures (SOPs), troubleshooting guides, and runbooks to improve team efficiency.
- Support cross-team collaboration by sharing expertise with other technical teams (Cloud, Security, Infrastructure).
- Contribute to internal knowledge base articles, best practice documentation, and training materials.
- Assist in onboarding new team members by providing structured technical training and mentoring.

Additional Information

Why join us:

NCS Australia is where you can feel at home, nurturing your talents and skills as we make tomorrow together, one day at a time. Our benefits include paid parental leave, initiatives focused on your well-being and discounted health insurance. You will also enjoy discounts on various products and services and be regularly recognised and rewarded for high performance. We are committed to your career development through our Capability Fingerprint, industry and partner training programs, special interest groups, and an AI-driven learning platform. No matter where you are in your career, we offer meaningful work and opportunities for growth.

NCS Australia is an equal-opportunity employer, and we take pride in our commitment to valuing and supporting our people and the communities we serve.

We are dedicated to attracting, retaining and developing our people regardless of gender identity, ethnicity, sexual orientation, disability and age. Applications are encouraged from all sectors of the community and we strongly encourage applications from the Veterans, Aboriginal and/or Torres Strait Islander community.

At NCS Australia, we are committed to supporting adjustments throughout the recruitment and selection process, as well as during employment. We actively support and encourage people with disability to apply.

Agencies:

We’ve got this. We request that you do not contact NCS employees outside of the Talent Acquisition team. NCS exclusively accepts resumes from agencies on our preferred supplier panel through the NCS Agency Portal. Agencies that submit resumes must have a valid fee agreement and be assigned to the particular requisition by the Talent Acquisition team. Any resumes that are submitted outside of this process will become the sole property of NCS. If a candidate is hired outside of this process, no fee or payment will be given.

Work rights and background checks:

To be eligible for a position with us, applicants will need to have valid work rights for Australia and be willing to undergo a comprehensive background checking process, including probity and police checks.

Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: IT Services and IT Consulting