• Location: Canberra ACT
• Initial 12 months contract + 2 X 12 months extension options
• Must have be Australian Citizen with minimum of NV1 Clearance

FinXL is seeking an experienced Lead Cyber Security Engineer to design automated workflows, manage SIEM integrations, and strengthen The client's incident response capabilities.

Key Duties and Responsibilities:

• Developing and maintaining playbooks and automated workflows.
• Identifying patterns in logs/events to develop proactive countermeasures.
• Leading incident response, remediation, and threat hunting activities.
• Contributing to security uplift initiatives and emerging tech assessments.

Essential requirements:

• Proven experience building integrations between SIEM platforms and enterprise systems.
• Knowledge of log ingestion from hybrid environments (Azure and AWS).
• Experience designing, implementing, and testing security automation playbooks.
• Strong technical documentation skills and a collaborative, team-first mindset.

Desirable:

• Experience with Splunk SOAR (Playbook development) and Splunk RBA.
• Familiarity with Nuix for eDiscovery or investigative processing.
• Relevant certifications: CISSP, GCIH, GCIA, or Microsoft/Splunk technical certs.
• Tertiary qualifications in a technical field.

If you are ready to take on this exciting opportunity, we encourage you to apply by clicking the "Apply Now" Button. Only suitable candidates will be contacted.

FinXL does not accept unsolicited resumes or appreciate unsolicited calls from recruitment agencies.

FinXL encourages applications from Aboriginal and Torres Strait Islander people.