Principal Security Engineer Cyber Advisor

Indigitise Pty Ltd


Job Location:

Canberra - Australia

Monthly Salary: Not Disclosed
Posted on: 2 hours ago
Vacancies: 1 Vacancy

Job Summary

Job details

Cyber Advisors provide ICT security advice and assistance to government including policy creation project advice and assistance and research.

Key duties and responsibilities

The Services delivered in collaboration with and under supervision by nominated AFP personnel include but are not limited to the following:

Design and implement onboarding of log sources into the SIEM from cloud on-premise identity endpoint and network platforms

Develop and maintain parsing normalisation and data quality standards for logs

Build and maintain SOAR workflows to automate alert triage enrichment containment and response

Integrate SIEM and SOAR platforms with security and IT tooling including EDR IAM ticketing email firewall and threat intelligence systems

Develop tune and maintain high-quality detection rules aligned to threat detection capability attacker techniques and organisational risk.

Create and maintain SOC playbooks and operational runbooks mapped to automated workflows

Reduce false positives and improve alert fidelity through continuous tuning and enrichment

Support incident response through log analysis detection insights and rapid rule development

Conduct detection gap analysis following cyber events incidents and threat intelligence updates

Maintain performance reliability and configuration of SIEM/SOAR platforms

Implement dashboards for monitoring and health checks for the SIEM/SOAR platforms

Develop and maintain clear accessible documentation for analysts and capture system knowledge to support ongoing operations and knowledge transfer.

Define and report on key detection and response performance metrics (e.g. MTTD MTTR alert quality automation or MITRE coverage) to assess effectiveness and inform continuous improvement initiatives.

Technical skills

Technical skills candidates would need to have (including but not limited to) are listed below:

Demonstrated hands-on experience as a tech lead implementing and administering enterprise SIEM platforms such as Microsoft Sentinel/Windows Defender IBM Qradar Elastic or Splunk with strong experience in automation writing complex queries correlation rules parsers and developing SOC playbooks

Proven ability to optimise and integrate SIEM platforms reduce false positives and improve alert qua




Required Skills:

1. Experience in Salesforce Vlocity platform using specifically Apex LWC Ominiscripts Flexcards. Integration procedure and DataRaptors. 2. Experience working with OOP frameworks & design patterns. 3. Experience in building and working with integration (example REST APIs Platform Events). 4. Platform Developer I Platform Developer II Ominstudio Developer certified. 5. Experience in Salesforce Sales Cloud Service Cloud Community Cloud Health Cloud implementations. 6. Experience working with Source Control tools (e.g. GitLab) & package-based development


Required Education:

Bachelors

Job detailsCyber Advisors provide ICT security advice and assistance to government including policy creation project advice and assistance and research.Key duties and responsibilitiesThe Services delivered in collaboration with and under supervision by nominated AFP personnel include but are not lim...

About Company

Company Logo

Indigitise is a leading professional services enterprise with a strong presence across Australia, specializing in IT consulting, IT services, and digital transformation solutions. Our team has extensive experience providing innovative and effective IT solutions to the Commonwealth Gov ... View more

View Profile View Profile