SOC Security Engineer Tier 2

Sydney, NSW 2000

Macquarie Technology Group

Founded in 1992, Macquarie Technology Group (ASX:MAQ) is Australia’s number one managed hosting and business-only telecommunications company.


About us
Macquarie Government has over 15 years’ experience in providing Government agencies with secure, reliable and proactive services. We provide secure internet gateway services to 42% of federal Government agencies and are the first Australian cloud approved by the Australian Signals Directorate (ASD). As a team, Macquarie Government are hardworking, results and success focused. We also take the time to celebrate our success and make sure our people are doing work that makes a difference.
We believe that collaboration & team connection is key for success. This role will be based in Sydney on-site 5 days a week from Monday to Friday.
We require security clearance for this role; you must be an Australian citizen to be eligible to obtain a security clearance.

The Opportunity

This role is part of the Security Operations Centre (SOC). The overall purpose of the SOC team is to detect, contain, eradicate, remediate and prevent security incidents affecting Macquarie Technology’s Secure Internet Gateway and Government Infrastructure that operates within Macquarie Technology’s Datacentres, and to assist customers where possible to achieve the same.
In this role, you will develop and grow the cyber threat detection platforms, response plans, and playbooks, and maintain and tune the mechanisms that support them.
You will be an escalation point for internal and customer incidents and will co-ordinate with other teams as required, following and developing the incident management process.

Why work for us

When you work for Macquarie Government you are working with a like-minded team of humble, hungry and smart people. We have one of the highest employee engagement scores globally, and we are regularly recognised as one of the best Cloud, Data Centre, and Cyber providers in the business. We also provide services to 42% of the Australian Federal Government, so you can be a part of one of the very few sovereign security providers in the country.
Our people, our employment strategy and our investment in our people are a big reason for our success.

What you'll be doing

  • Proactively use cyber threat information, skills and intuition to explore vast amounts of data to detect security threats.
  • Implement preventive and corrective countermeasures against cyber threats, including the development of SIEM Use Cases.
  • Evaluate impact of security bulletins & alerts.
  • Subject Matter Expert in logging and detection technologies for the SOC.
  • Handle customer reporting on security events and answer customer enquiries on reporting.
  • Develop, maintain and tune detection mechanisms (playbooks and use cases) with adequate documentation.
  • Provide input to proposed continuous improvement of our working practices and overall quality of service.

Required experience and skills

  • You are an Australian citizen, eligible to obtain a Government security clearance.
  • 1 - 2 years of experience as a SOC Analyst, Security Engineer or related role.
  • Hands-on experience working with Microsoft Sentinel. Understanding and ability to craft use cases for SIEM technologies, principally Sentinel.
  • Good understanding of threat actors’ Tactics, Techniques and Procedures (TTPs) and how these could relate to enterprise environments.
  • Understanding of application and network protocol use and behaviours.
  • Understanding of cyber security issues such as computer intrusions, malicious code, phishing and SPAM.
  • Data search programming languages, such as Python, SQL, Sentinel KQL and others.
  • Detailed understanding of the MITRE ATT&CK framework is an advantage.
If this excites you, apply now!

Tags: Clearance Cloud Python Security Clearance Sentinel SIEM SOC Strategy Threat detection

Perks/benefits: Team events

Region: Asia/Pacific
Country: Australia
