Please apply only if you are an Australian Citizen residing in Australia.

Key Responsibilities:
- Create threat models and perform threat hunts to inform the detection engineering strategy.
- Develop use cases based on threat models, system risks, vulnerabilities, intelligence, incident reports, and industry frameworks.
- Develop the detection rule syntax associated with use cases within the SIEM and EDR technologies.
- Develop playbooks for alert validation by understanding the context in which each detection rule is designed.
- Collaborate with Cyber Defence Analysts on detection rule tuning.
- Maintain the threat intelligence integrations across the SOC technology stack.
- Assist in identifying content shortfalls across the detection engineering practice.
- Assist with incident response at the direction of the incident manager.
- Conduct in-depth research and analysis for new detection content.
- Assist in onboarding new data sources to meet the requirements of use cases.
- Provide the evaluation and feedback necessary for improving intelligence production and reporting.
- Provide support to designated exercises, planning activities, and time-sensitive operations.

Every application must address the selection criteria as part of the submission.

Minimum Requirements:
- Demonstrable experience in content development with at least 2 SIEM technologies (Splunk, Elastic, QRadar, MS Sentinel).
- Experience in a detection engineering practice.
- An understanding of the Sigma detection rule syntax.
- Experience with SOAR technologies and playbook development.
- Experience with EDR technologies (Carbon Black, CrowdStrike, Defender ATP).
- A thorough understanding of the cyber threat intelligence lifecycle.
- Knowledge of scripting languages (Bash, Python).
- Strong organisational and teamwork skills.
- Professional certifications, such as GIAC.
- Minimum 5 years of cyber security operations experience.