About the Role You’ll work directly inside a client Cyber Security Operations Centre (CSOC), acting as the go?to SIEM engineer. Your focus will be on keeping the platform healthy, onboarding and improving log sources, tuning detection content, and finding smart ways to optimise performance and cost.
You’ll work closely with infrastructure, cloud, application and business teams to uplift logging maturity and strengthen detection and response outcomes.
Key Responsibilities
- Maintain SIEM platform health and availability
- Onboard and integrate log sources across network, endpoint, cloud and application environments
- Improve log fidelity, structure and consistency
- Monitor ingestion rates, trends and data quality
- Identify opportunities to optimise performance and reduce ingestion/storage costs
- Build and tune correlation rules, alerts, dashboards and reports
- Maintain SIEM integrations, including threat intel feeds and API connections
- Support SOC teams during incident response and remediation
- Develop and maintain SOPs for cyber security tooling
- Work with system owners to uplift logging maturity and drive capability improvements
- 3+ years in SIEM engineering, SOC operations or cyber security operations
- Strong experience onboarding, parsing and normalising logs from diverse sources
- Proven ability to build and maintain SIEM content (rules, dashboards, reports, alerts)
- Experience monitoring ingestion, data quality and platform performance
- Ability to analyse ingestion trends and identify optimisation opportunities
- Strong communication and stakeholder engagement skills
- Australian Citizenship + NV1 clearance (minimum)
- Experience with Google SecOps, Chronicle or similar SIEM platforms
- Experience with log forwarding/pipelines (e.g., Bindplane)
- Understanding of detection engineering and threat?informed defence
- Familiarity with threat TTPs
- Experience supporting incident response or threat hunting
- Exposure to EDR, XDR, SOAR and related technologies
- Understanding of cloud platforms, APIs and modern application architectures
- Familiarity with Australian Government environments and compliance frameworks
The office is a short walk from Braddon’s cafes, restaurants and breweries, with easy access to public transport including light rail.
If you enjoy deep technical challenges and want to contribute to capability uplift in secure environments, this role will feel like a great fit.
Eligibility
- Australian Citizen
- NV1 clearance (minimum)
- Able to meet pre?employment screening requirements
We are an inclusive employer committed to fostering a diverse and accessible workplace. We encourage applications from Aboriginal and Torres Strait Islander peoples, people with disabilities, LGBTQIA+ individuals, people of all ages, and those from culturally and linguistically diverse backgrounds.
