Lead Security Engineer

Location Canberra
Salary Negotiable
Job type RFQ
Discipline Cyber Security
Reference BBBH3909_1774572253

Role Title

Lead Security Engineer

Location

Canberra, ACT

Working Arrangement

Onsite, full time
5 days per week in the office
Remote or interstate candidates will not be considered

Clearance required

Must be able to obtain Negative Vetting Level 1 (NV1)
Active NV1 clearance is required at time of engagement

Company overview

The Department of Foreign Affairs and Trade (DFAT) is responsible for advancing Australia's international interests through diplomacy, trade and development. The role sits within DFAT's Information Management and Technology Division, supporting secure global operations.

Job Description

DFAT's Cyber Operations Section within the Cyber Security, Cloud and Networks Branch is seeking a Lead Security Engineer to support defensive cyber security operations. This role is critical to protecting DFAT's global network from malicious actors and contributes to both day-to-day security operations and longer-term capability uplift initiatives.

The position aligns to an EL1 equivalent level and applies advanced engineering skills across security operations, incident response, automation and threat hunting.

Duties and Responsibilities

  • Contribute to longer-term security operations uplift initiatives and capability roadmaps
  • Continuously assess automation opportunities to improve Security Operations Centre efficiency and consistency
  • Develop and maintain security playbooks and automated workflows
  • Analyse security events and logs to identify anomalous activity and recommend security enhancements
  • Undertake incident response and remediation activities
  • Assist with threat hunting activities
  • Maintain technical documentation and share knowledge across the team

Education/Certifications required

  • Technical tertiary qualifications are highly desirable
  • Relevant industry certifications such as CISSP, GCIH, GCIA are desirable
  • Microsoft or Splunk certifications are highly desirable

Knowledge/Skills required

  • Minimum 3 years' experience working as a Cyber Security Engineer
  • Experience building and maintaining integrations between SIEM platforms and enterprise systems
  • Demonstrated knowledge of log ingestion from hybrid environments including Azure and AWS
  • Experience designing, implementing and testing security automation playbooks and workflows
  • Experience analysing security logs and events
  • Strong written communication skills with experience maintaining technical documentation
  • Ability to work collaboratively and share knowledge within a team
  • Experience with Splunk SOAR and Splunk Risk Based Alerting is desirable
  • Experience administering Nuix to support eDiscovery or investigative data processing is desirable

Employment benefits

  • Initial 12-month contract with up to two 12-month extensions
  • Maximum of 40 hours per week
  • Opportunity to work on mission-critical cyber security operations within a global environment

Diversity and Inclusion

We value diversity and are committed to creating an inclusive environment for all employees.

Veterans

Defence and Federal Government industry experience is highly desirable. We strongly encourage veterans and individuals with Defence experience to apply. Your unique skills and background are highly valued, and we are committed to supporting your transition into this role.

About Cleared

At Cleared, we provide tailored recruitment solutions to individuals seeking their next opportunity and to organisations searching for talent within Defence Industry, Intelligence and National Security.