We're partnering with the Department of Foreign Affairs & Trade (DFAT) to find an experienced Cyber Security Engineer to join their Cyber Operations team. This is a high-impact role focused on protecting critical global infrastructure from evolving cyber threats. Location & DetailsLocation of work: Canberra / Onsite Security Clearance: NV1 or higher Estimated start date: Monday, 18 May 2026 What you'll be doing:Driving security operations uplift and automation initiatives Designing and maintaining security playbooks & SOAR workflows Analysing security logs and events to detect threats and anomalies Supporting incident response, remediation, and threat hunting Enhancing SOC efficiency through automation and integration What we're looking for:3+ years' experience as a Cyber Security Engineer Strong experience with SIEM integrations (e.g. Splunk, Sentinel) Hands‐on knowledge of Azure & AWS log ingestion Proven ability to build automated security workflows/playbooks Solid experience in incident response & SOC operations Strong documentation and collaboration skills Nice to have:Experience with Splunk SOAR and Risk‐Based Alerting (RBA) Exposure to Nuix (eDiscovery / investigations) Certifications such as CISSP, GCIH, GCIA, Microsoft, or Splunk#J-18808-Ljbffr