Security Operations Engineer (AU) at DroneShield
Sydney, New South Wales, Australia -
Full Time


Start Date

Immediate

Expiry Date

26 Aug, 26

Salary

0.0

Posted On

28 May, 26

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Security Automation, Vulnerability Management, Incident Response, MDM/MAM Solutions, System Hardening, Threat Modelling, Alert Triaging, Python, Go, Windows, MacOS, Linux, XDR, Secure Remote Access, LLM for Security, Technical Communication

Industry

Defense and Space Manufacturing

Description
About the role

DroneShield is seeking a Security Operations Engineer to join the Security team in Sydney, NSW. The Security team is a nimble team responsible for protecting DroneShield's assets and users. Our adversaries are sophisticated and use state-of-the-art tooling. To protect DroneShield, we need to focus on the biggest risks, eliminate threats, focus on automation to scale our efforts and continually increase the cost for the attackers.

Key responsibilities for this role include keeping our assets patched and updated, responding to incidents and improving security processes by focusing on automation and continuous improvement. This role will also contribute to engineering work to deploy new tools and controls across laptops and incident response.

This role should be viewed as a partnership with Corporate Security and Detection & Response, with each team enabling the other to be more effective. Corporate Security automates deployment of security controls and enables telemetry, so that Detection & Response can create detections and playbooks to respond to incidents effectively. The ideal candidate will be building their strategic understanding of Corporate Security and Detection & Response and will be an eager, capable contributor to both teams.

This role requires experience in programming and automation. An interest in how LLMs can be leveraged to improve security operations is a strong plus. Strong communication skills and being a hands-on engineer are must-haves.
Responsibilities, Duties and Expectations

- Automate and deploy security controls on our corporate infrastructure
- Support and contribute to vulnerability management across our corporate infrastructure
- Stay up to date with vulnerabilities/CVEs and how to mitigate them
- Assist in responding to security incidents
- Contribute to and help execute the corporate security strategy under senior direction
- Support reporting on security metrics and contribute findings and recommendations to the team
- Manage concurrent tasks and contribute to cross-team problem solving

Qualifications, Experience and Skills

- BS degree in Computer Science, Information Technology or similar technical field of study, or equivalent practical experience
- Demonstrated experience working in IT with a focus on security tooling
- On-the-tools engineering experience – must be hands-on
- Excellent communication skills to explain complex technical concepts
- Strong problem-solving and analytical skills
- Minimum 2–4 years’ experience in related roles. Roles could include: IT Engineer, System Administrator, Security Engineer

Knowledge of the following is essential:

- Experience with Windows and MacOS
- Experience managing MDM and MAM solutions
- Experience with alert triaging
- Reducing the attack surface through system hardening
- Threat Modelling – focusing on the threat, controls and mitigations

Knowledge of the following is desirable:

- Experience with Linux
- Experience with XDR
- Experience with Secure Remote Access approaches
- Ability to think creatively to identify potential security vulnerabilities
- Automation experience, writing scripts in Go or Python
- Experimentation with leveraging LLMs for automation
- Systems thinking, with a focus on designing solutions that improve the system

Note for recruitment agencies: We do not accept unsolicited candidates from external recruiters unless specifically instructed.
Responsibilities
Automate and deploy security controls across corporate infrastructure while managing vulnerability mitigation and incident response. Partner with Corporate Security and Detection & Response teams to improve telemetry and security playbooks.