SIEM specialist designing and deploying SIEM/SOAR capabilities for government clients. Role requires security clearance and client engagement in Canberra.
Responsibilities
Oversee deployment / implementation activities ensuring that entry criteria are met, all planned activities are completed and that rollback plans are initiated where required.
Identify use cases, plan development, deployment, testing and release into production.
Produce, update and maintain corresponding playbooks for detection and automation content.
Develop, test and deploy updated and new content across the monitored estate in liaison with the client.
Maintain existing detection content to ensure it remains current and relevant to the monitored estate, and that false positives are kept to a minimum.
Assess the effectiveness of new / updated rules and analytics to feed into future development activities.
Review and approve all required documentation as part of a release or change including design, deployment, configuration and administration guides.
Support attack, threat and exposure modelling to identify new attack paths and determine suitable detection content to detect those paths being exploited.
Support threat hunting and content enrichment.
Integrate the solution with vulnerability management, asset management, configuration management and other tools to enrich its efficacy.
Obtain authorisation for implementing releases and changes through the Change Management process.
The strategic focus of the role is to ensure that the detection and monitoring technology remains optimised, current and tailored to the changing threat landscape, client risk position and technology in use. The role is a cyber technical specialist with deep knowledge of the Cyber Monitoring technologies and cyber threat tools, tactics, techniques and procedures.
Requirements
Strong knowledge of how Azure and AWS security functions work as security controls as well as detection tools to protect large cloud estates.
Production of content and playbooks on Sentinel and Splunk to detect security breaches, and recognition of the importance of threat-led use cases.
Knowledge of SIEM/SOAR tools (Splunk and Sentinel at a minimum) and other appropriate tooling, e.g. SOAR, threat intelligence and traffic analysis tools, to identify signs of an intrusion, and the ability to advise where new or improved tooling could enhance SOC operations.
Deep knowledge and experience of operational ICT service delivery management.
Working with a range of security tooling/technology.
Strong understanding of security architecture, in particular networking.
Detailed understanding of threat intelligence and threat actors, TTPs and operationalising threat intelligence.
Understanding of the TCP/IP component layers sufficient to distinguish normal from abnormal traffic.
Client-side consulting, including stakeholder engagement and the ability to communicate insights and concepts to others, including briefing skills and report writing.
Coaching mindset – helping and mentoring the team.
Security process development.
Able to understand and adapt to different cultures and hierarchical structures.
Self-starter and capable of independent working.
Team player and adept at working in multi-disciplinary and diverse teams.