SOC Security Engineer Tier 2 - Macquarie Technology Group Sydney, NSW 2000

Listing Description

About us

Macquarie Government has over 15 years’ experience in providing Government agencies with secure, reliable and proactive services. We provide secure internet gateway services to 42% of federal Government agencies and are the first Australian cloud approved by the Australian Signals Directorate (ASD). As a team, Macquarie Government are hardworking, results and success focused. We also take the time to celebrate our success and make sure our people are doing work that makes a difference.

We believe that collaboration & team connection is key for success. This role will be based in Sydney on-site 5 days a week from Monday to Friday.

We require a security clearance for this role; you must be an Australian citizen to be eligible to obtain a security clearance.

The Opportunity

This role is part of the Security Operations Centre (SOC). The overall purpose of the SOC team is to detect, contain, eradicate, remediate and prevent security incidents affecting Macquarie Technology’s Secure Internet Gateway and Government Infrastructure that operates within Macquarie Technology’s Datacentres, and to assist customers where possible to achieve the same.

In this role, you will develop and grow the cyber threat detection platforms, response plans, and playbooks, and maintain and tune the mechanisms which support these.

You will be an escalation point for internal and customer incidents and will co-ordinate with other teams as required, following and developing the incident management process.

Why work for us

When you work for Macquarie Government you are working with a like-minded team of humble, hungry and smart people. We have one of the highest employee engagement scores globally, and we are regularly recognised as one of the best Cloud, Data Centre, and Cyber providers in the business. We also provide services to 42% of the Australian Federal Government, so you can be a part of one of the very few sovereign security providers in the country.

Our people, our employment strategy and our investment in our people are a big reason for our success.

What you'll be doing
  • Proactively use cyber threat information, skills and intuition to explore vast amounts of data to detect security threats.
  • Implement preventive and corrective countermeasures against cyber threats, including the development of SIEM use cases.
  • Evaluate the impact of security bulletins and alerts.
  • Act as Subject Matter Expert in logging and detection technologies for the SOC.
  • Handle customer reporting on security events and answer customer enquiries on reporting.
  • Develop, maintain and tune detection mechanisms (playbooks and use cases) with adequate documentation.
  • Provide input to proposed continuous improvement of our working practices and overall quality of service.

Required experience and skills
  • You are an Australian citizen, eligible to obtain a Government security clearance.
  • 1 - 2 years of experience as a SOC Analyst, Security Engineer or related role.
  • Hands-on experience working with Microsoft Sentinel. Understanding and ability to craft use cases for SIEM technologies, principally Sentinel.
  • Good understanding of threat actors' Tactics, Techniques and Procedures (TTPs) and how these could relate to enterprise environments.
  • Understanding of application and network protocol use and behaviours.
  • Understanding of cyber security issues such as computer intrusions, malicious code, phishing and spam.
  • Data search programming languages such as Python, SQL, Sentinel KQL and others.
  • Detailed understanding of the MITRE ATT&CK Framework is an advantage.

If this excites you, apply now!

