We’re partnering with the Department of Foreign Affairs & Trade (DFAT) to find an experienced Cyber Security Engineer to join their Cyber Operations team. This is a high-impact role focused on protecting critical global infrastructure from evolving cyber threats.
Location & Details
* Location of work: Canberra / Onsite
* Security Clearance: NV1 or higher
* Estimated start date: Monday, 18 May 2026
What you’ll be doing:
* Driving security operations uplift and automation initiatives
* Designing and maintaining security playbooks & SOAR workflows
* Analysing security logs and events to detect threats and anomalies
* Supporting incident response, remediation, and threat hunting
* Enhancing SOC efficiency through automation and integration
What we’re looking for:
* 3+ years’ experience as a Cyber Security Engineer
* Strong experience with SIEM integrations (e.g. Splunk, Sentinel)
* Hands‑on knowledge of Azure & AWS log ingestion
* Proven ability to build automated security workflows/playbooks
* Solid experience in incident response & SOC operations
* Strong documentation and collaboration skills
Nice to have:
* Experience with Splunk SOAR and Risk‑Based Alerting (RBA)
* Exposure to Nuix (eDiscovery / investigations)
* Certifications such as CISSP, GCIH, GCIA, Microsoft, or Splunk
#J-18808-Ljbffr