Cyber Security Engineer
About us
We’re growing, not slowing, here at Macquarie Technology Group because we’re passionate about doing things differently. We want to challenge the industry and look for better ways of doing things. As a team, Macquarie Government are hardworking, results and success focused. We also take the time to celebrate our success and make sure our people are doing work that makes a difference.
We believe that collaboration & team connection is key for success. This role will be based in Canberra on-site with one of our clients.
We require security clearance for this role you must be an Australian citizen to be eligible to obtain a security clearance or ideally already hold NV1 security clearance.
The Opportunity
We're looking for a motivated Cyber Security Engineer to join our growing security team in Canberra. This is a hands-on role where you'll be at the centre of our security operations, helping to detect, investigate, and respond to threats while expanding the visibility of our SIEM platform.
You're someone who has already gotten your hands dirty in a SOC environment and knows your way around Splunk and you're ready to take the next step in your career with a team that genuinely invests in its people.
What You'll Be Doing!
- Monitoring, triaging, and responding to security alerts and incidents within our Security Operations Centre (SOC)
- Onboarding and integrating new log sources into Splunk, including writing and tuning data inputs, parsing configurations, and field extractions
- Developing and refining Splunk searches, dashboards, and alerts to improve threat detection capability
- Investigating security events and escalating incidents in line with established playbooks and procedures
- Contributing to the continuous improvement of SOC processes, runbooks, and detection logic
- Collaborating with internal teams to ensure log coverage across cloud, network, and endpoint environments
- Keeping up with the evolving threat landscape and bringing fresh ideas to the team
About You!
- A degree in Cyber Security, Information Technology, Computer Science, or a related field
- Minimum 18 months of hands-on experience in a SOC operations environment, including practical experience onboarding and validating log sources in Splunk (e.g., configuring inputs, writing props/transforms, and ensuring data quality).
- Solid understanding of common attack techniques, threat indicators, and the MITRE ATT&CK framework
- Familiarity with security technologies such as firewalls, IDS/IPS, endpoint detection tools, and cloud security platforms
- Strong analytical and problem-solving skills with a keen eye for detail
- Clear written and verbal communication able to explain a complex incident to both technical and non-technical stakeholders
Nice to Have!
- Splunk certifications (e.g., Splunk Core Certified User or Power User)
- Exposure to SOAR platforms or security automation
- Experience with cloud environments (AWS, Azure, or GCP)
- Relevant industry certifications such as CompTIA Security+, CySA+, or equivalent
Candidates must be Australian citizens and eligible to obtain or hold an Australian Government security clearance.
If this role excites you Apply Now!