Cyber Security Operations Analyst (SIEM Detection Engineering)


Job Location:

Canberra - Australia

Monthly Salary: Not Disclosed
Posted on: 19 hours ago
Vacancies: 1 Vacancy

Job Summary

Who we are

Countersight is a specialist cybersecurity company delivering security research capability development and consulting services to clients within government and across the private sector. We are independent Australian and Canberra based but with the flexibility to operate Australia wide.

Our team works on interesting problems across the entire technology stack from embedded systems to web and mobile applications finding creative ways to deliver the capability our clients need.

The Role

Role Title: Senior Cyber Security Operations Analyst (SIEM / Detection Engineering)

Location: Canberra ACT

Hours: Full-time

Salary: $100000 $180000 (plus super) based on experience

Our Senior Cyber Security Operations Analysts work closely with client Cyber Security OperationsCentres(CSOCs) to ensure SIEM and supporting security platforms are operationaloptimised and continuously improving.

This role is focused on hands-on SIEM engineering and operations including onboarding log sources improving data quality tuning detection content andoptimisingplatform performance and cost.

Working as an embedded subject matter expert within client environments you will collaborate with infrastructure cloudapplicationand business teams to ensure security telemetry is fit-for-purpose and supports effective detection and response outcomes.

Typical responsibilities include:

  • Monitoring and maintaining SIEM platform health ensuring availability and fitness for use by SOC analysts
  • Onboarding and integrating log sources across network endpointcloudand application environments
  • Improving log fidelity structure and consistency tomaximisedetection effectiveness
  • Monitoring andanalysinglog ingestion rates and trends
  • Identifyingand implementingoptimisationopportunities to improve performance and reduce storage/ingestion costs
  • Developing and tuning correlation rules alertsdashboardsand reports to reduce false positives and improve detection coverage
  • Maintainingand enhancing SIEM integrations including threat intelligence feeds and API-based connections
  • Supporting incident response and remediation activities in collaboration with SOC teams
  • Developing andmaintainingstandard operating procedures for cyber security tooling
  • Engaging with system owners and stakeholders to uplift logging maturity and support ongoing capability improvements

What we are looking for

We are looking for experienced cyber security professionals with a strong background in SIEM security operations or detection engineering particularly those who enjoy working at the intersection of security operations data engineering and platformoptimisation.

Must-have:

  • 3 years hands-on experience in SIEM engineering SOC operations or cyber security operations roles.
  • Strong experience onboarding parsingnormalising and structuring logs from diverse sources.
  • Experience designing building and maintaining SIEM content including correlation rules dashboards reportsalertsand detection logic.
  • Experience monitoring and managing log ingestion data quality and platform performance.
  • Ability toanalyseingestion trends andidentifyoptimisationopportunities.
  • Strong stakeholder engagement and communication skills.
  • Australian Government security clearance (NV1 minimum) or the ability tomaintainone.

Nice-to-have:

  • Experience with Google SecOps Chronicle or similar SIEM platforms.
  • Experience with logforwardingand pipelines ( or equivalent).
  • Understanding of detection engineering practices and threat-informed defence.
  • Familiarity with threat tacticstechniquesand procedures (TTPs).
  • Experience supporting incident response and threat hunting.
  • Exposure to EDR XDRSOARand related technologies.
  • Understanding of cloud platforms APIs and modern application architectures.
  • Familiarity with Australian Government environments and compliance frameworks.

Why work for Countersight

As a small company we prioritise supporting our team and fostering a positive flexible and enjoyable work culture. Collaboration continuous learning and the latitude to experiment are the heart of our approach.

Our main office is located a short walk from Braddon and some of Canberras most popular cafes restaurants breweries and coffee roasters and is also convenient for public transport including light rail.

Our work and client focus allows us to directly contribute to the security and success of our community and we believe that security is the key ingredient in opening up the promise of technology.

We thrive on deep technical challenges and relish the opportunity to extend our knowledge and explore the limits of the technologies we work with.

We enjoy what we do and we think you will too.

Eligibility

To be eligible to apply for this position you must meet the below eligibility criteria:

  • Be an Australian Citizen.
  • Hold or be eligible to hold a NV1 security clearance (minimum).
  • Satisfy pre-employment screening.

Application Procedure

Please provide a current resume along with a covering letter highlighting your relevant experience and any publicly available examples of your work.

Please feel free to get in touch with any questions you may have about this role via


Required Experience:

Manager

Who we areCountersight is a specialist cybersecurity company delivering security research capability development and consulting services to clients within government and across the private sector. We are independent Australian and Canberra based but with the flexibility to operate Australia wide. Ou...