Hey there, Defensive Cyber Security Engineers. Fancy plying your trade with a business with some very cool, unique product offerings? One making moves in their market? Fancy being hands-on, playing with tools and tackling a diverse set of security tasks? This full-time gig in Sydney might be right up your alley.
You’ll be stepping into a security role which will keep you on your toes, where you’ll manage everything from incident response to vulnerability management and security tooling. Oh, you’ll also receive free, delicious food (yes, really), and you’ll get to do this in an environment doing some pretty brilliant things with some pretty brilliant technology.
To dive a bit deeper, you’ll be working with an agile team in an agile business that’s working hard to improve security hygiene, whether by enhancing security monitoring tools, working on improving cloud-based services, or staying ahead of emerging threats. You’ll have the chance to work on detection engineering, collaborate with external vendors, and be part of larger cyber improvement initiatives that drive security culture forward.
You’ll be splitting your time between home and the extremely cool Sydney CBD office, and you’ll earn a base salary around $135k - $165k, aligned with your skills and experience (super applied atop this base figure).
How will you be spending your time in this role?
- In a hands-on fashion, playing with and enhancing SIEM/SOAR platforms.
- Directly working with and optimising EDR/XDR tools such as CrowdStrike.
- Analysing, and generally keeping abreast of, emerging threats and trends.
- Incident response, from eyes-on-glass triage and analysis, to planning, processes, test procedures, etc.
- Remediating vulnerabilities, with an eye on always refining the vuln. management process.
- Automation and scripting with the likes of PowerShell, Bash, etc.
- Playing your part in coordinating security awareness initiatives, representing security’s interests and flying the security flag to the broader business.
What will keep you in very good standing for this role?
- Given the SecOps / IR focus of this role – monitoring, triaging, and yes, responding to cyber incidents – prior experience in a similar role is absolutely necessary. While there’s no set number of years required to succeed in this role, this is very much in the “goldilocks” zone; it won’t suit someone starting out on their security journey, nor would it likely suit someone who’s been there, done that, and got the t-shirt. Somewhere in the middle.
- While experience trumps certs, formal qualification in something relevant like CS, Cyber Security or IT Systems would be well received.
- Comfort with a diverse range of tech – SIEM/SOAR platforms, EDR/XDR, vulnerability management tools, etc.
- Bonus points if you can point to bona fide detection engineering experience.
- An understanding of things like identity and access management (IAM), network security controls and data encryption would put you in a great position.
- You’ll need a solid understanding of both Linux and Windows (OS, memory, etc.).
- A familiarity with standards and frameworks like NIST, Essential 8, OWASP Top 10, etc.
- Experience with the Microsoft product suite would be excellent – Entra ID, O365, etc.
- A general, but well-developed knowledge of IT networks – security configs, patching, secure admin practices, network principles, etc.
- This one might sound silly, but a genuine ability to work well in a team and support your colleagues. Given the small, lean & mean nature of the team, being that helping hand when needed isn’t simply a “nice to have”, it’s a “necessary”.
- The ability to translate tech and risk to non-security, and non-tech personnel.
If this has piqued your interest, let’s chat in confidence. Consider applying or reaching out as there’s more info that can be shared with you.
HOW TO APPLY
Firstly, please know that any application you make is treated with absolute confidentiality. The only people who will know you’ve applied are you & me. Say hi, and let’s chat about what you want.
Click APPLY and/or contact Michael directly on mpearman@decipherbureau.com for a 100% confidential, informal conversation where your privacy will absolutely be respected.
Decipher Bureau and the clients we partner with are committed to creating a diverse environment and are proud to be equal opportunity employers. All qualified applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.