Principal Security Engineer - SME

At NCS Australia, we believe in doing technology services better. Our commitment to quality, focus on people, and willingness to challenge traditional thinking set us apart. Our team brings this belief to life by partnering with our clients and communities to make tomorrow together. We are committed to creating an environment that prioritises innovation, collaboration, and purposeful work. Our diverse team is empowered to make a meaningful impact with curiosity, creativity and resilience to shape better outcomes. Join us and accept the challenge of creating a better tomorrow. Job Description About the role: This role is part of our internal cyber security team, with the primary focus of “Protect NCS”. This is a Blue team that works alongside specialist 3rd party providers and NCS group level Red teams to protect our organisation from cyber attacks. As a Principal Security Engineer - SME within our team, you'll analyse network traffic and user behaviour to identify attacker activity, build and maintain scalable log ingestion and analytics platforms, conduct security audits, and perform root cause analysis, recommend and implement improvements from lessons learned, and be an active participant in incident resolution and reviews. You'll also be a team player enabling everyone in the business to implement our security strategy and initiatives to secure our systems and data. In this role, you'll be well-versed in the latest threats and best practices for mitigating risks and fighting cybercrime. You'll provide technical expertise on security technologies, evaluate emerging security products and technologies, and advise business projects. Additionally, you'll participate in team operational duties and use multiple data sources for threat-hunting activities and security investigations. Qualifications

• Previous experience in a similar role as a Senior/ Principal Security Engineer in a complex enterprise environment as a ‘Blue team’ member
• Hands-on experience with network, infrastructure, application, MS 365 and cloud security
• Strong background working with a wide range of security technologies such as Splunk, WAF, Crowdstrike, TrendMicro, Vulnerability Scanning, etc
• Good communicator, capable of explaining technical concepts to various audiences with differing levels of technical understanding
• Strong SPL skills in performing incident triage and investigation and writing alerts and dashboards to achieve security outcomes
• Programming skills (Ruby, PowerShell, Python, JavaScript, Wireshark, etc) and the ability to leverage those to solve complex problems or automate mundane tasks
• Certifications such as CISSP, GSEC, CEH or CISM desired
• Participation in all team operational responsibilities, such as rotational on-call incident response, security event triage and investigations
• Relevant security certifications

Seniority level

Employment type

Job function

Industries