Security Operations Engineer

We are looking for a Security Operations Engineer to design implement and operate secure scalable and automated technology platforms that support the delivery of complex cloud and hybrid information systems. This role is responsible for embedding securebydesign principles automating infrastructure and deployment processes and ensuring the confidentiality integrity availability and compliance of ATO systems.

Operating within a DevOpsaligned environment the Engineer embeds security and automation across CI/CD pipelines leveraging cloud services infrastructureascode monitoring and alerting capabilities. You will contribute to the development of policies standards and reusable patterns while driving continuous improvement in platform reliability security posture and delivery efficiency.

Qualifications :

Technical Skills & Experience

• Cloud Security Operations: Expert proficiency in AWS security controls (IAM EC2 S3 CloudTrail Security Groups) with the ability to implement maintain and monitor secure cloud environments.

• DevSecOps & CI/CD Integration: Demonstrated experience delivering secure build practices within Azure DevOps (ADO) pipelines including automated security testing gated approvals and compliance automation.

• Infrastructure as Code (IaC): Familiarity with AWS CDK or equivalent frameworks to ensure the secure repeatable and automated provisioning of cloud resources.

• Vulnerability Management: Hands-on capability using Tenable Nessus (or similar) for scanning and assessment with experience integrating risk data into SIEM and GRC platforms (specifically ServiceNow).

• Monitoring & Log Analysis: Skilled in defining alerting thresholds in AWS CloudWatch and performing deep-dive log analysis and dashboarding using Splunk or the ELK Stack.

• Application Security Testing: Practical experience conducting SAST and DAST across complex systems utilizing tools such as Fortify SonarQube and Xray for continuous security assurance.

• Supply Chain Security: Knowledge of CycloneDX and SBOM (Software Bill of Materials) generation and validation to manage and secure the software supply chain.

• Secure Coding & Scripting: Strong understanding of secure coding practices (Python Java JavaScript) to support threat modeling and the development of security-focused automation scripts.

• Secure-by-Design Implementation: Proven ability to embed security gates and automated controls within DevOps workflows ensuring alignment with architectural security principles.

• Willing and able to obtain a AGSV Security clearance.

Additional Information :

Why join us: 

NCS Australia is where you can feel at home nurturing your talents and skills as we make tomorrow together one day at a time. Our benefits include paid parental leave initiatives focused on your well-being and discounted health insurance. You will also enjoy discounts on various products and services and be regularly recognised and rewarded for high performance. We are committed to your career development through our Capability Fingerprint industry and partner training programs special interest groups and an AI-driven learning platform. No matter where you are in your career we offer meaningful work and opportunities for growth.

NCS Australia is an equal-opportunity employer and we take pride in our commitment to valuing and supporting our people and the communities we are dedicated to attracting retaining and developing our people regardless of gender identity ethnicity sexual orientation disability and age. Applications are encouraged from all sectors of the community and we strongly encourage applications from the Veterans Aboriginal and/or Torres Strait Islander community.

At NCS Australia we are committed to supporting adjustments throughout the recruitment and selection process as well as during employment. We actively support and encourage people with disability to apply. 

Agencies:

Weve got this. We request that you do not contact NCS employees outside of the Talent Acquisition team. NCS exclusively accepts resumes from agencies on our preferred supplier panel through the NCS Agency Portal. Agencies that submit resumes must have a valid fee agreement and be assigned to the particular requisition by the Talent Acquisition team. Any resumes that are submitted outside of this process will become the sole property of NCS. If a candidate is hired outside of this process no fee or payment will be given.

Work rights and background checks: 

To be eligible for a position with us applicants will need to have valid work rights for Australia and be willing to undergo a comprehensive background checking process including probity and police checks

Remote Work :

No

Employment Type :

Full-time