HJ-1428 Cyber Security Operations Engineer

Monitoring, analysing, and triaging security alerts across EDR, SIEM, identity, email, cloud, and network platforms, including accurate prioritisation and escalation of threats.

• Investigating suspicious activity and supporting incident response activities, including containment, eradication, recovery, and post-incident analysis.

• Operating, tuning, and maintaining security tooling and detections, improving signal quality, addressing logging and visibility gaps, and automating repeatable response tasks.

• Coordinating remediation of high-risk security issues with IT and engineering teams and continuously improving detection and response capabilities.

• Assessing operational control effectiveness, tracking security issues, non-compliances, and remediation actions, and maintaining an operational cyber security risk register.

• Contributing operational insight to executive reporting, advising on emerging cyber threats (including third-party and supply-chain risks), and supporting framework alignment, audits, and security awareness initiatives. Experience and Qualifications

Education and Professional Background Tertiary qualification in Computer Science, Information Security, Cyber Security, or a related discipline, or equivalent hands-on experience, with 4–7 years’ experience in cyber security operations engineer, SOC, or incident response roles.

• Security Operations and Incident Response Experience Demonstrated hands-on experience monitoring, triaging, investigating, and responding to security alerts and incidents, including escalation, post-incident reviews, and implementation of operational improvement actions.

• Security Tooling, Detection Engineering, and Automation Proven experience operating and maintaining security platforms (e.g. SIEM, EDR, email security, DRP), tuning detections to reduce false positives, addressing logging and visibility gaps, and automating repeatable investigation and response activities using scripting or SOAR tools.

• Operational Risk, Control Effectiveness, and Remediation Experience monitoring and assessing security control effectiveness, tracking security issues and non-compliances, coordinating remediation actions, and maintaining an operational cyber security risk register.

• Frameworks, Assurance, and Governance Support Working knowledge of the NIST Cyber Security Framework and ASD Essential Eight from an operational implementation perspective, with experience supporting internal and external audits and reviews (e.g. internal audits, PCI DSS, third-party audits) through provision of operational evidence and remediation updates.

• Reporting, Advisory, and Stakeholder Engagement Experience contributing operational input to executive-level reporting, dashboards, and metrics; advising on emerging cyber threats and operational impacts including third-party and supply-chain risks; and supporting delivery of cyber security awareness activities informed by real-world threats and incidents.

• Communication and Professional Capability Strong written and verbal communication skills, with the ability to produce clear incident reports, operational updates, and leadership briefings, and to engage effectively with technical, business, and executive stakeholders.

The Cyber Security Operations Engineer supports Hungry Jack’s cyber security operations, ensuring threats are effectively detected, managed, and resolved. The role supports the 24/7 SOC, incident response, vulnerability management, and security tooling, coordinating responses across internal teams and third-party providers. Working closely with the Cyber Security Operations Lead, the role aligns operations to frameworks such as NIST CSF and the ASD Essential Eight, maintains cyber risk visibility, support or lead post-incident reviews, and drives continuous improvement to strengthen the organisation’s security posture.

External: The role engages with external third-party vendors, service providers and security partners to support security operations activities, security engineering and compliance assessments. This includes coordinating external audits and reviews, assessing third-party cyber security risk, and supporting contractual and assurance requirements. The role represents Hungry Jack’s cyber security governance interests in external engagements, ensuring expectations, risks, and remediation actions are clearly understood and effectively managed.

• Security Operations & Incident Response: Strong capability to monitor, triage, and analyse alerts across SIEM, EDR, identity, email, cloud, and network platforms, with proven experience investigating incidents and supporting containment, eradication, recovery, and appropriate escalation.

• Security Tooling, Detection & Automation: Hands-on expertise operating and maintaining security platforms, tuning detections, reducing false positives, improving signal quality, addressing logging and visibility gaps, and automating repeatable investigation and response tasks using scripting or SOAR.

• Operational Risk, Controls & Assurance: Ability to assess control effectiveness, track security issues and non-compliance, maintain an operational risk register, and coordinate remediation with IT and engineering teams, with working knowledge of NIST CSF and ASD Essential Eight and experience supporting audits through evidence and remediation updates.

• Reporting, Advisory & Collaboration: Delivers clear operational insights for executive reporting, advises on emerging threats including third-party and supply-chain risk, translates technical issues into business outcomes, and works collaboratively across security, IT, vendors, and the business to drive continuous improvement.