We have an opportunity to join our key Defence account, as a Security Tooling Engineer. Based in our Canberra facility and working within the Security Architecture and Engineering team, your role will be representing security requirements and best practices across a range of disciplines including Project Pipelines, Network Operations, Systems Engineering and Architecture.
In this role you’ll be responsible for deploying, configuring and sustaining a set of cyber security products and technologies, including Host Based Security Products (AV, HIPS, DLP, EDR etc.), SIEM, Network IPS and related management solutions. A core focus of the team is the ongoing deployment and maintenance of SIEM technologies across a complex environment as well as the automation of existing security processes.
As an engineer in the broader team, your expertise in the technologies and security processes and practices will see you mentoring and advising a 24/7 team of SOC Analysts who are dependent upon the toolsets you provide.
The role works under general direction of the Chief Information Security Officer to deliver secure services to the program.
Duties include:
- Assist with design, deployment and maintenance of Splunk; Tenable
- Work with the operational teams to ensure Splunk is configured appropriately and fit for purpose;
- Develop reliable, efficient queries that will feed custom alerts and dashboards;
- Create and maintain documentation related to Splunk infrastructure;
- Undertake routine patching and administrative tasks;
- Support enterprise Splunk deployments with data feeds from multiple data centres;
- Integration and functional testing.
- Participate and adhere to change control procedures
- Support and configure vulnerability scanning across a large environment
