Security Engineer – SIEM Consultant

About Skillfield:

Skillfield is a Melbourne based Big Data consultancy and professional services company established in 2016. Our name comes from our dream of being a company where skilled professionals hone their talents and accrue knowledge and experience along the way.

Since 2016 we have been enabling our customers to maximize the business and operational value of their big data investment by helping them develop, manage, understand and utilise Big Data systems in a way that works for them.

About the role:

Skillfield is looking for a Security Engineer – SIEM Consultant to join our team in Melbourne. As a Security Engineer, you’ll help us deploy Big Data security solutions for our customers. Your role includes, but is not limited to:

  • Develop a solid understanding of our customers’ environments
  • Explore customer data sets
  • Conduct Threat Modeling with customers to identify required detections
  • Identify security gaps and solution vulnerabilities, advise on best practices in addressing gaps
  • Identify compliance requirements, guide architecture, design & development activities on maintaining or achieving compliance
  • Translate these vulnerabilities and requirements into opportunities for the client to enhance their security capabilities and create new pathways for Skillfield delivery and sales teams to develop new business opportunities
  • Support the client and sales team in a pre-sales capacity to convert these opportunities into new engagements 
  • Data modelling for custom data processing 
  • Design security detections/dashboards/ML jobs
  • Design custom security detections based on the threat modeling
  • Simulate and perform attacks to validate detections, identify ways of reducing false-positives
  • Conduct customer training/handover sessions
  • Be a security champion in our organisation, help educate and elevate our development team’s security awareness and practices

About You:

You need to be a passionate security professional and a strong, articulate communicator, someone who can explain complex information and provide guidance in security matters. You work smart, finish what you start, and innovate along the way. You are a person who shows respect in every interaction, a good listener who puts the customer’s needs first. You are dependable, make informed decisions, and help others where you can.

To be considered for this role you should have:

  • A background in cybersecurity
  • A solid understanding of best practice security principles 
  • Expertise across various security products and technologies
  • A drive to stay up to date with security trends, threats and solutions
  • Experience in working with Big Data and Analytics to address security needs
  • Ability to work with different stakeholders, from technical experts through to senior managers
  • An understanding of common platforms for analytics, data architecture, and data modelling
  • Ability to break down complex problems and define clear steps for the team to follow
  • Exposure to pre-sales, with an aptitude for engaging potential new clients and sales teams in a collaborative manner to explore what is possible, convert this to a scope of works, and articulate the value proposition
  • An understanding of what it will take to get something done, and what ‘done’ looks like
  • Experience working with and within agile project teams
  • An eagerness to contribute to technical blog posts and participate in company webinars

Technical Skills:

  • Experience working with Linux and Windows operating systems, coding languages and networks
  • Sound SOC experience – prior security analyst or hunt experience ideal
  • Ability to review data sets and build detection capabilities in line with MITRE ATT&CK framework
  • Understanding of AI / ML and their use for advanced security analytics
  • Experience in working with Splunk and/or Elasticsearch, associated architectures and design patterns
  • Experience tuning fidelity of alerts to ensure high quality alerting
  • Experience creating dashboards and reports using Kibana or Splunk
  • Ability to optimise existing and new search queries and dashboards to improve performance
  • Development skills in Java or Python
  • Experience working with DevOps practices / in a DevOps team
  • Developing and maintaining technical documentation and knowledge base articles related to the work performed
  • Practical, hands-on skills in securing and maintaining security on Windows, CentOS and OSX operating systems
  • Ability to own or provide input into security policies and procedures
  • Report security performance against established security metrics
  • Past experience as a Linux Administrator, Cyber Security Engineer, Incident Responder or similar role is a must
  • Experience and knowledge of vulnerability assessments

Highly desired but not a deal breaker:

  • At least one industry recognised certification such as Elastic Engineer, AWS Certified – Security Speciality or Azure Security Engineer Associate
  • Strong experience securing and integrating cloud and security tooling, within AWS and Azure
  • Ability to report security performance against established security metrics
  • Experience with one or more key security domains such as network security products, data loss prevention, identity & access management, PKI and cryptographic technologies
  • Experience with Australian ISM or other security frameworks

Skillfield is an equal opportunity employer. We value diversity, foster innovation and reward success.

If you enjoy working with technology, can demonstrate trust, engage in productive debates, commit to group decisions, are accountable and focus on the results of the team, we’d love to hear from you! Please apply below.

Contact us if you are interested in joining us.