About the Company

• A major Australian financial services group undergoing a significant uplift in cyber capability and next‑generation SOC transformation.

• Strong investment in modern security platforms, automation‑first operations, and advanced detection engineering.

• A values‑driven organisation committed to innovation, resilience, and building a high‑performing cyber function.

About the Role

This is a deeply hands‑on security engineering role at the heart of a major SOC transformation program. You'll be instrumental in bringing the SOC capability in‑house and leading the migration to a new SIEM platform.

This role suits someone who thrives on solving complex detection challenges, building automation at scale, and driving measurable uplift in SOC maturity.

About You

• Extensive experience writing detection rules and logic.

• Proven capability developing SOAR playbooks, automation workflows, and API‑driven integrations.

• Hands‑on experience with modern SOC platforms unifying SIEM, SOAR, EDR, ASM, and threat intelligence.

• Strong scripting proficiency in Python, PowerShell, or similar for automation, integrations, and detection‑as‑code pipelines.

• 5+ years in cyber security with a focus on detection engineering, SOC operations, or security automation; relevant certifications (CISSP, CISM, GCIA, GCIH) desirable.

• Comfortable heading into the office 3 days a week.

Key Accountabilities

• Build and optimise detection content, ensuring high‑fidelity alerts and strong coverage across the kill chain.

• Develop automation‑first incident response workflows, including enrichment, containment, and evidence collection.

• Support the in‑house SOC build and lead technical components of the SIEM migration.

• Conduct advanced threat hunting and convert findings into production‑ready detections and automated actions.

• Implement detection coverage mapping and compliance‑aligned monitoring (MITRE ATT&CK, Essential 8, CPS 234, ISO 27001).

Benefits

• Opportunity to shape and lead a next‑generation SOC capability with full executive backing.

• Work with cutting‑edge security platforms and build automation‑first workflows from the ground up.

• Strong culture of continuous learning, professional development, and senior‑level collaboration.