Threat Detection Engineer - 12mo contract
Canberra, Australian Capital Territory, Australia
Centorrino Technologies
Centorrino Technologies (CT) is a customer-obsessed, technology-focused and engineering-led IT services and solutions provider, based right here in Australia.
Get to Know Us
Imagine joining an organisation that has a fully flexible working culture and an award-winning brand! That’s exactly what you will get when you join Centorrino Technologies. Our values, our people, our brand, and our customers mean everything to us.
Here at CT, we put a lot of effort into delivering the best customer experience of any managed ICT provider in Australia.
We work pretty hard at CT, but that doesn’t come without a little play.
- Work from Canberra Office
- Training and development – We offer heaps of courses, certifications, and coaching
- Wellbeing Subsidies – You’ll get discounts on your gym, yoga and pilates memberships
- Cost Price Tech – CT discounts
- Events, Events, Events for everyone!
- Everyone has a very personalised career and learning plan. Our commitment is to help you to become the best you can be.
- The list goes on….
Here’s what you’ll be doing:
- Create threat models and perform threat hunts to inform the detection engineering strategy
- Develop use cases based on threat models, system risks, vulnerabilities, intelligence, incident reports and industry frameworks
- Develop the detection rule syntax associated with use cases within the SIEM and EDR technologies
- Develop playbooks for alert validation by understanding the context in which the detection rule is designed
- Collaborate with Cyber Defence Analysts for detection rule tuning
- Maintain the threat intelligence integrations across the SOC technology stack
- Assist in the identification of content shortfalls across the detection engineering practice
- Assist with incident response at the direction of the incident manager
- Conduct in-depth research and analysis for new detection content
- Assist in the onboarding of new data sources to meet requirements of use cases
- Provide evaluation and feedback necessary for improving intelligence production and reporting
- Provide support to designated exercises, planning activities, and time sensitive operations
Here’s what you’ll bring:
• Demonstrable experience in content development with at least 2 SIEM technologies (Splunk, Elastic, QRadar, Microsoft Sentinel)
• Experience in a detection engineering practice
• An understanding of the Sigma detection rule syntax
• Experience with SOAR technologies and playbook development
• Experience with EDR technologies (Carbon Black, CrowdStrike, Defender ATP)
• A thorough understanding of the cyber threat intelligence lifecycle
• Knowledge of scripting languages (Bash, Python)
• Strong organisational and teamwork skills.
• Professional Certifications, such as GIAC
• Minimum 5 years of cyber security operations experience
Security Clearance: Must be able to obtain a Baseline security clearance
All our team members are required to obtain and maintain a valid Victorian Working with Children Check, and Police Check.
When you join Centorrino Technologies, you know you are joining an organisation that is driven by our values and innovation. We are proud to be an equal opportunity employer, and are committed to building a diverse and inclusive workplace where we embrace our individual talents, and our differences. We encourage applications from people of all ages, disabilities, LGBTQI, First Nations people and people from culturally diverse backgrounds.
We look forward to hearing from you!