Lead Cyber Security Analyst

This is a hands-on technical role inside the Cyber Security Operations team at a major federal government department. You'll be designing, building and optimising their SIEM capability from the ground up - ingesting and correlating security events, developing detection use cases, tuning alerts, and identifying gaps in logging coverage. It's a build role as much as an ops role, with real ownership over how their security posture evolves.
You'll also provide considered security advice to stakeholders and executives, and contribute to documentation and policy that meets government security frameworks including PSPF, ISM and the Essential Eight.

About you:

• Hands-on experience with Microsoft Sentinel and Azure security tooling - building detections, not just using them
• Strong background in log ingestion, use case development and alert tuning (SIEM/SOAR)
• Solid understanding of ISM, Essential Eight and PSPF compliance requirements
• Able to document technical solutions clearly and translate findings for non-technical stakeholders
• Comfortable providing security advice to executives and senior team members
• Experience working within a cyber security operations team in a government or regulated environment
• Australian citizen, able to obtain NV1 clearance (active clearance highly regarded)

• 12-month contract + 2 x 12-month extensions (up to 3 years total)
• EL1-equivalent Lead level
• Hybrid work in Canberra office with up to 2 days WFH per week
• Start date 6 July 2026
• $130-160 per hour including super