Information Security Engineer

This is a hands-on cyber security role with a growing Australian technology business operating in a modern SaaS environment.

The role would suit someone who enjoys the investigative side of security: working through alerts, understanding what has happened, assessing risk, deciding what needs to be escalated, and helping improve detection and response processes over time.

This is not a pure “watch the dashboard” SOC role. You’ll be close to the action across security operations, incident response, cloud security, tooling improvement and broader security uplift.

Why this role?

  • Broad hands-on cyber role across investigation, response, tooling and uplift
  • Modern SaaS / technology environment with strong internal technical teams
  • Barangaroo office location with a high-quality workplace and strong culture

What you’ll be doing

You’ll be part of a small internal security team, reviewing security triggers and alerts across a broad technology environment and working out what needs action.

This is a hands-on role where you’ll assess whether activity is expected, suspicious, exposed or potentially compromised, then work with internal IT, DevOps, cloud, network and engineering teams to resolve the issue.

You’ll be involved in practical blue-team activity including alert triage, incident investigation, vulnerability/exposure assessment, detection improvement, security tooling, compensating controls and validation of fixes.

This is not a narrow “monitor and escalate” role — you’ll need to investigate, communicate, coordinate and follow issues through.

What we’re looking for

We’re looking for someone with genuine hands-on security operations or security engineering experience, ideally around 5–6 years, with at least L2 SOC / blue-team capability.

You’ll need to be able to talk through real examples of alerts or security triggers you have investigated, including how you assessed severity, what evidence you checked, who you worked with, what action was taken and how the issue was validated afterwards.

Experience across some of the following will be useful:

  • Alert triage, investigation and incident response
  • SIEM, EDR/XDR and security monitoring tools
  • Microsoft Sentinel, Splunk, Elastic, Defender, CrowdStrike, Carbon Black or similar
  • Vulnerability/exposure assessment and remediation coordination
  • Network security, cloud security, endpoint or identity security
  • Working with IT, DevOps, cloud, network or engineering teams
  • Detection improvement, runbooks, playbooks or security tooling uplift
  • AWS, Azure or broader cloud security exposure

“This is not”

This probably isn’t the right role if:

  • Your background is mainly GRC, audit or third-party risk
  • You have only done L1 SOC monitoring without deeper investigation
  • You are mainly pre-sales, advisory or tool implementation focused
  • You prefer a narrow specialist role rather than a broad internal security role
  • You are not Sydney-based or cannot attend the Barangaroo office at least 3 days per week

The person

You’ll be curious, practical and calm under pressure. You’ll enjoy working through messy security triggers, asking the right questions, speaking with technical teams and helping drive issues through to resolution.

You don’t need to be an expert in every area, but you do need strong security fundamentals, good judgement and the willingness to work broadly across blue-team security operations, tooling, vulnerability, cloud/network and security uplift.

Benefits

  • Barangaroo location
  • Legal tech / SaaS
  • Great offices
  • Free lunches / benefits / strong culture
  • Small team / broad role
  • Sophisticated tools
  • Small bonus structure

Apply

For a confidential discussion, apply now or contact Amanda Evans at The Recruitment Company.

Amanda Evans

Infrastructure – Permanent

[email protected]
02 8346 6716