Job details
The Cyber Operations Section within the Cyber Security, Cloud and Networks Branch of the department's Information Management and Technology Division is seeking a resource to fill the role of a Cyber Security Engineer. This position is vital to the Cyber Operations Section and involves the application of advanced engineering skills to conduct defensive cyber security operations, ensuring the protection of our global network from malicious actors.
Job Specific role description
The Cyber Security Engineer will undertake the following tasks:
- Contribute to longer-term security operations uplift initiatives and capability roadmaps.
- Continuously assess emerging automation opportunities to improve SOC efficiency and consistency.
- Develop and maintain playbooks and automated workflows to assist with Cyber Security tasks.
- Analyse security events and logs to identify patterns of potential anomalous activity, recommend security enhancements, and assist in developing countermeasures to prevent future incidents.
- Undertake incident response and remediation functions.
- Assist with Threat Hunt activities.
- Delivery and operation - Security operations and resilience - Security Operations (SCAD) - Level 5
- Minimum 3 years working as a Cyber Security Engineer.
- Experience building and maintaining reliable integrations between SIEM platforms and enterprise systems.
- Demonstrated knowledge of log ingestion from hybrid hosting platforms, including Azure and Amazon Web Services.
- Experience designing, implementing and testing security automation playbooks and workflows.
- Ability to work well and share knowledge within a team.
- Well-developed writing skills and experience maintaining technical documentation.
- Experience administering Nuix to support eDiscovery or investigative data processing.
- Experience using Splunk SOAR to develop Playbooks.
- Knowledge of Splunk Risk Based Alerting (RBA).
- Technical tertiary qualifications, Microsoft or Splunk certifications are highly desirable.
- Relevant industry certifications such as CISSP, GCIH, GCIA, etc.
Security Required: NV1 Security Clearance required
Location: Canberra based
How to Apply - Please upload your resume to apply. Candidates will need to be willing to undergo pre-employment screening checks, which may include ID and work rights, security clearance verification and any other client-requested checks.
Closing date: Monday 30 March 2026
Call Joanne Finchett on 0480 002454 or email Joanne@whizdom.com.au for any further information.


