As the selected candidate, you will:
- Monitor, detect, and respond to cyber security threats using platforms such as Microsoft Sentinel and Defender.
- Develop, tune, and manage analytics rules, dashboards, and alerting use cases to identify malicious activity.
- Conduct proactive threat hunting activities by analysing telemetry and leveraging threat intelligence.
- Lead or support incident response efforts, including investigation, containment, eradication, and recovery.
- Analyse security events, logs, and alerts across cloud and enterprise environments, prioritising incidents based on risk and impact.
- Create and maintain automation scripts and playbooks to enhance response efficiency and reduce manual efforts.
- Assess vulnerabilities across systems and collaborate with development teams to ensure timely remediation.
- Incorporate threat intelligence into detection strategies and use case development.
- Manage security tools, optimise their configuration, and identify opportunities for system improvement.
- Work closely with various teams to enhance detection coverage, share operational learnings, and support continuous improvement.
- Maintain detailed documentation, incident records, and operational runbooks to support governance and compliance requirements.
- Proven hands-on experience in cyber security operations, including monitoring, incident response, and threat analysis within enterprise or cloud environments.
- Demonstrated proficiency with SIEM and SOAR platforms, preferably Microsoft Sentinel, including writing KQL queries, alert tuning, and creating dashboards.
- Experience in diagnosing and responding to security incidents, including performing root cause analysis.
- Strong scripting skills and experience in developing security automation and orchestration playbooks.
- Familiarity with Microsoft Azure cloud services, particularly monitoring, logging, and security controls.
- Knowledge of cyber security frameworks and best practices, including Australian Whole-of-Government policies such as ISM and Essential Eight.
- Ability to obtain or hold a security clearance suitable for the role.
- Advanced knowledge of security automation tools and scripting languages.
- Previous experience working within government or large organisational security teams.
- Strong collaboration skills to effectively work with development, security, and operational teams.
Apply now for immediate consideration – contact Param Kaur on 02 6268 9781 quoting Job Reference: # 270767
Please note: Only candidates that meet the above criteria will be contacted. Thank you for your interest in the position.
Please note that Aida, our after-hours AI conversational screening assistant, may be used as part of the initial application process.
Peoplebank and Leaders IT are committed to creating a diverse and inclusive workplace where everyone belongs. We welcome applications from people of all backgrounds, identities, and experiences. If you need adjustments to the recruitment process due to your circumstances, please let us know—we’re here to support you.












