
Cyber Defence Engineer
Commonwealth Superannuation Corporation
- Canberra, ACT
- Permanent
- Full-time
You'll be engaged in great work with awesome people, as our Cyber Defence team is on a transformation journey where you will get to use AI and automation to drive solutions - and the team is known for its supportive, collaborative culture. This role would offer development opportunities with solid leadership support and a learning culture.

About the role

As the Cyber Defence Engineer, you will play a critical role in operating and enhancing CSC's cybersecurity services to protect financial and information assets. You will work within a team of dedicated specialists, focusing on Incident Response, SIEM Engineering, Application Security, Vulnerability Management, Threat Intelligence, and Security Awareness.

You will do business critical work such as enhancing prevention, detection, triage, and remediation of security events through automation. There is also a leadership development opportunity as this role will provide guidance, coaching, and support to junior cybersecurity staff while working in collaboration with the broader team.

Key responsibilities
- Incident Response: Lead and support cyber incident response, including investigation, remediation, post-incident root cause analysis and security incident reporting.
- Detection Engineering: Develop and fine-tune cyber detection use cases, analyse security data for anomalies, and continuously improve detection capabilities using frameworks like MITRE ATT&CK to enhance threat detection and response.
- Automation Development: Develop automated incident response workflows via SIEM platforms (Splunk or Sentinel) for efficient triaging and incident handling, reducing manual effort and improving response time.
- Assist with Security Threat Intelligence monitoring, including identification of security threats to CSC and its customers and collaboration with information sharing groups (government and industry).
- Support audit and regulatory compliance efforts, addressing security findings and recommendations.
- Partner with cross-functional teams to help shape and develop future DevSecOps capability.
- Develop and maintain security documentation, including processes, procedures, and technical reports.
- Work in close partnership with the Cyber Defence Lead and act as delegate when required.
- You must be an Australian Citizen or Permanent Resident - a security clearance is highly regarded but not mandatory
- Tertiary qualifications in Cyber Security, Computer Science or a related discipline, essential
- 5+ years' experience in Cyber Security Operations, including but not limited to: Incident Response, Detection Engineering, SIEM Engineering or Security Automation
- Good scripting skills in Python, Bash or PowerShell
- Knowledge of multiple security frameworks such as NIST, PSPF, CSF, OWASP, ASD E8
- Enterprise implementation and operation of security technologies such as: Identity and Access Management, End Point Protection, DDoS Protection, Data Loss Prevention
- Security compliance in financial and government environments
- Security configuration and operation of Windows and Linux, Email gateway appliances & technology and Firewalls
- Good understanding of Application Security Testing (SAST, DAST, SCA) and secure coding best practices in cloud environments
- Demonstrated ability to build and maintain collaborative relationships
- Strong analytical, problem-solving and stakeholder management skills
- Ability to proactively manage a varied workload, to prioritise and meet deadlines
- Permanent role with flexible and hybrid work options
- Expand your technical expertise with exposure to automation, AI security and DevSecOps
- Develop as a leader by mentoring and guiding technical teams
- Tailored learning and career pathways, from advanced technical training to leadership development
- Collaborative, diverse and supportive culture where knowledge-sharing is valued