Our client is a highly respected Federal Government law enforcement and national security organisation responsible for protecting Australia's interests both domestically and internationally. Operating at the forefront of security, intelligence, and law enforcement, the organisation leverages advanced technology and cyber capabilities to combat serious and organised crime, safeguard critical systems, and support national security outcomes.
As part of an ongoing technology transformation, the organisation is investing heavily in modern cyber security capabilities, strengthening operational resilience, and enhancing its ability to detect, respond to, and mitigate evolving cyber threats.
About the Role
We are seeking an experienced Principal Security Engineer – Cyber Advisor to join a high-performing cyber security team based in Canberra.
In this role, you will play a key part in designing, implementing, and enhancing enterprise security monitoring and response capabilities. Working across SIEM and SOAR platforms, you will help strengthen the organisation's cyber detection, automation, and incident response functions while supporting operational teams with expert cyber security advice and technical leadership.
Key responsibilities will include:
- Designing and implementing the onboarding of security log sources across cloud, endpoint, identity, network, and on-premises environments.
- Developing and maintaining SIEM use cases, correlation rules, parsers, and data normalisation standards.
- Building and optimising SOAR workflows to automate alert triage, enrichment, containment, and response activities.
- Integrating security platforms with EDR, IAM, ticketing, firewall, email security, and threat intelligence solutions.
- Developing, tuning, and maintaining detection content aligned to emerging threats and organisational risk profiles.
- Supporting cyber incident response through advanced log analysis and rapid detection engineering.
- Conducting detection gap assessments and driving continuous improvement initiatives.
- Developing dashboards, performance metrics, health monitoring, and reporting capabilities across security platforms.
- Creating and maintaining documentation, operational runbooks, and SOC playbooks.
- Providing technical leadership, mentoring junior team members, and contributing to cyber security strategy and best practice.
To be successful, you will bring extensive experience in cyber security engineering, security operations, and detection capability development within large and complex environments.
You will demonstrate:
- Proven experience leading the implementation and administration of enterprise SIEM platforms such as Microsoft Sentinel, Microsoft Defender, Splunk, Elastic, or IBM QRadar.
- Strong hands-on experience developing automation, correlation rules, detection use cases, parsers, and SOC playbooks.
- Experience integrating SIEM and SOAR solutions with broader security and IT ecosystems.
- Advanced knowledge of security monitoring, threat detection, incident response, and cyber security operations.
- Strong analytical and problem-solving skills, with the ability to rapidly investigate and respond to emerging threats.
- Excellent communication and stakeholder engagement skills, including the ability to provide trusted cyber security advice.
- Experience mentoring, coaching, and supporting technical teams.
- A commitment to continuous learning and staying current with evolving cyber security technologies and threat landscapes.
We’re Whizdom. We view you as an extension of our strong, dependable brand and have differentiators which really are different! The Whizdom way:
- We pay our contractors same day you submit your timesheet!
- We are Level 3, DISP certified and have signed the Veteran Employment Commitment and been awarded the highest level of compliance to this important initiative, proactively assisting veterans transitioning from the forces to civilian roles. We’ve been lucky enough to win industry awards for our high level of process compliance and are ISO 9001 certified. Our commitment to reducing Greenhouse Gas Emissions has been accredited in line with large global organisations.
- We value diversity and welcome applications from Indigenous Australians, people from diverse cultural and linguistic backgrounds and people living with a disability.
Location: The role is based in Barton, Canberra ACT.
Office Type: Onsite
Contract terms: 36 months from commencement date, plus rolling 12 month extensions as required
Estimated Hours: 37.5 per week
Security Requirements: Due to the nature of this position, candidates must hold a minimum NV1 security clearance.
How to Apply: Please upload your resume to apply. Please note you will need to complete selection criteria to complete this application process. We will be in touch with instructions for suitably skilled candidates.
Candidates will need to be willing to undergo pre-employment screening checks which may include, ID and work rights, security clearance verification and any other client requested checks.
Applications open until 8am 29 July 2026.
Reach Damien on 0480 002 503 or damienm@whizdom.com.au for any further information.


