To obtain a copy of the Candidate Information Kit for this vacancy, please click on the ‘Apply Now’ button to the left of this advertisement.
The key duties of the position include:
Employment Opportunity
The Senior Cyber Security Specialist, an operations analyst role, plays a pivotal dual role within the Cyber Security Monitoring and Operations Team. The position provides operational oversight and quality assurance of an external Security Operations Centre (SOC) while also contributing hands-on technical expertise to internal incident response, detection engineering, threat hunting, and cyber defence activities.
The role requires a highly capable cyber security practitioner with proven experience in incident response, SOC operations, and security tooling, combined with the leadership experience necessary to guide, challenge, and uplift both the external SOC provider and junior team members. The successful candidate will act as the technical point of escalation, ensure SOC outputs meet organisational expectations, and work closely with internal security operations engineers to maintain and improve the department's cyber resilience and Essential 8 maturity.
This position suits someone who enjoys both strategic oversight and in-depth technical work, who can collaborate effectively across internal engineering, infrastructure, governance, and external partner teams. The successful candidate will come into the team in a time of significant uplift of the security tooling and modernisation of the security landscape at the department.
How you can help us make a difference
Our ideal candidate will have:
* extensive experience in operational security roles such as SOC Analyst, Incident Responder, DFIR specialist, or Threat Hunter
* strong understanding of SIEM/EDR/SOAR platforms (Google SecOps, Microsoft Defender, Carbon Black, AWS GuardDuty)
* proficiency in log analysis, detection engineering, root cause analysis, and behavioural analytics
* familiarity with network, identity, cloud security, and endpoint security technologies
* strong knowledge of adversary techniques (MITRE ATT&CK, threat intel, behavioural indicators)
* experience with threat hunting, vulnerability analysis, and proactive defence uplift
* hands-on scripting or automation experience and vulnerability management procedures
* experience providing oversight leadership within a SOC or incident response functions
* demonstrated ability to guide and uplift third-party SOC providers or internal junior analysts
* strong analytical, problem-solving, and investigative abilities.
Other qualifications (desirable but not required):
* defensive security certifications such as GCIA, GCDA, GCIH, GCFA, GDAT, Blue Team Level certifications, Google or Microsoft Security certifications, or equivalent
* offensive certifications (e.g., OSCP, PNPT) are beneficial for understanding adversary tradecraft.
Eligibility
To be eligible for employment at the Attorney-General’s Department applicants must be Australian citizens.
Applicants offered employment will be required to successfully undergo a police record check and be able to obtain and maintain a security clearance at a specified clearance level. The successful applicant must be willing to disclose all relevant and required information.
Successful applicants engaged into the APS will be subject to a probation period.
Notes
A merit pool of suitable applicants may be created from this process, and will be active for 18 months after the date of this gazettal.
If you have any questions regarding the recruitment process or require any reasonable adjustments, please speak contact HR Assist at *********@ag.gov.au or 02 6141 6*** (option 2).
The department is committed to creating a diverse and inclusive working environment. We actively support and encourage people of all backgrounds; gender, age, ethnicity, race, cultural background, disability, religion and sexual orientation to apply and aim to ensure that the recruitment and employee experience is as accessible and inclusive as possible.
First Nations people can contact us to discuss options for working from Country.
Getting to know the Attorney-General's Department
The Attorney-General's Department delivers programs and policies to maintain and improve Australia's law and justice framework, and to facilitate jobs growth through policies that promote fair, productive, flexible and safe workplaces. Through the Australian Government Solicitor, we also provide legal services to the Commonwealth, including legal advice and representation. Our department is the central policy and coordinating element of the Attorney-General's portfolio.
Our department is structured into four groups:
* Australian Government Solicitor
* Justice and Communities
* Integrity and Security
* Enabling Services
The department operates in a diverse and complex environment to address challenging issues. We have a highly-skilled and engaged workforce involved in policy development and implementation and program administration. The department also has a large number of practicing lawyers, mainly within the Australian Government Solicitor Group within the department.