Job Description

Seeking a Senior Cyber Security Engineer with experience with Azure, M365 and AWS technologies. The Senior Cyber Security Engineer will lead the development of complex cyber security technologies and processes with a lens on continual improvement. The candidate will lead the development of core and emerging cyber security technologies including SIEM, SOAR, Vulnerability Management and Threat Intelligence. A key part of the role is collaboration with internal stakeholders to ensure agency objectives are met. The Senior Cyber Security Engineer will work closely with the Cyber Security Operations Centre (SOC) to continually enhance platforms based on feedback received.

Key duties and responsibilities

Responsibilities of the role include but are not limited to:
• Interpret business strategic direction and functional requirements and develop corresponding technologies to enhance the agency’s defensive posture.
• Work collaboratively with internal project teams and stakeholders to develop and deliver key cyber technologies.
• Introduce and develop orchestration and automation technologies.
• Continually refine processes, methods, and technologies to enhance the cyber security posture of the agency.
• Translate technologies into simple processes and mentor junior staff wherever required.
• Provide and maintain high quality documentation – including the development of architectural designs, Standard Operating Procedures and Service Design packs.
• Participate in procurement activities and provide specialist advice.

Technical skills

• SIEM engineering experience, including use case traceability and development, custom query writing in one or more of the following platforms – Splunk Enterprise Security, Microsoft Sentinel, AWS Security Hub, QRadar, Exabeam or comparable platforms.

AND one of the following:
• Vulnerability Management in any of the following platforms – Microsoft Defender, Rapid 7, Tenable, Dynatrace or similar platforms.
• Threat Intelligence platform management

About the team

The Technology Services Division is primarily responsible for the management of technology related solutions within the Agency. This includes managing Shared Services Information and Communication Technology (ICT) services and delivery of ICT projects. The Cyber Security and Resilience Branch implements the requirements of government security policies and frameworks. This is achieved by providing strategic, tactical and operational Agency-wide oversight of Cyber Security and Operations, and Identity and Access Management. The Cyber Operations team is responsible for the identification, response, and remediation of security incidents across the organisation.

Essential criteria

1. SIEM engineering experience, including use case traceability and development, custom query writing in one or more of the following platforms – Splunk Enterprise Security, Microsoft Sentinel, AWS Security Hub, QRadar, Exabeam or comparable platforms.
2. AND one of the following:
   - Vulnerability Management in any of the following platforms – Microsoft Defender, Rapid 7, Tenable, Dynatrace or similar platforms.
   - Threat Intelligence platform management in one or more of the following – Microsoft, Threatstream, ThreatIQ or comparable platforms.

Desirable criteria

1. Automation experience – demonstrated automation experience in Cyber Security platforms.
2. Familiarity with DevSecOps monitoring.
3. Experience working with Threat Modelling tools, processes and procedures.
4. Platform integration experience using APIs and Prompt engineering.

Contract: 12 Months Contract with 2 x 12 months extension options

Security Required: Must have a Baseline Security Clearance

Location: ACT, NSW, NT, QLD, SA, TAS, VIC, WA and Hybrid (minimum of 3 days each week in the office, with flexible arrangements in place for the remaining 2 days). Infrequent overnight travel (dependent on candidate's location) may be required.

How to Apply

Please upload your resume to apply. Candidates will need to be willing to undergo pre-employment screening checks, which may include ID and work rights, security clearance verification and any other client requested checks.

Closing date: Monday 09 June 2025 at 9am - Canberra time

Call Joanne Finchett on 0480 002454 or email [email protected] for any further information.