Principal Security Engineer
Davidson ·www.davidsonwp.com
Apply directAbout the Company
Our client is a leading Federal Government agency responsible for delivering critical policing, cyber security and technology capabilities that protect Australia's national interests. Operating within a highly secure environment, the organisation is committed to strengthening cyber resilience, modernising technology platforms and enhancing its security operations capability through innovative and scalable solutions.
This is a long-term contract opportunity for an experienced Principal Security Engineer to join a high-performing cyber security team supporting nationally significant initiatives.
About the Role
As a Principal Security Engineer, you will play a pivotal role in designing, implementing and optimising enterprise Security Information and Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) capabilities. Working closely with cyber security specialists, technical teams and key stakeholders, you will lead the development of advanced detection engineering capabilities, improve security operations and drive continuous enhancements across the organisation's cyber defence environment.
Key responsibilities include:
- Design and implement the onboarding of log sources across cloud, on-premise, identity, endpoint and network environments.
- Develop and maintain log parsing, normalisation and data quality standards.
- Build and optimise SOAR workflows to automate security alert triage, enrichment, containment and response activities.
- Integrate SIEM and SOAR platforms with enterprise security technologies including EDR, IAM, ticketing systems, email security, firewalls and threat intelligence platforms.
- Develop, tune and maintain high-quality detection rules aligned with evolving cyber threats and organisational risk.
- Create and maintain SOC playbooks, operational runbooks and automated response procedures.
- Continuously improve detection capability by reducing false positives and enhancing alert fidelity.
- Support incident response activities through log analysis, rapid detection development and cyber investigations.
- Conduct detection gap analysis following security incidents and emerging threat intelligence.
- Maintain the performance, reliability and configuration of enterprise SIEM and SOAR platforms.
- Develop dashboards, health monitoring and reporting capabilities to support operational performance.
- Produce clear technical documentation and contribute to knowledge sharing, mentoring and continuous improvement across the cyber security function.
About You
You are an experienced Security Engineer with a strong background designing and supporting enterprise SIEM and SOAR platforms within complex, security-focused environments. You enjoy solving challenging cyber security problems, driving automation and collaborating with multidisciplinary teams to strengthen organisational cyber resilience.
You will ideally bring:
- Demonstrated experience implementing and administering enterprise SIEM platforms such as Microsoft Sentinel, Splunk, IBM QRadar or Elastic.
- Strong experience developing automation, detection engineering, correlation rules, parsers and SOC playbooks.
- Proven ability to optimise SIEM environments, improve detection capability and reduce false positives.
- Experience integrating security platforms with technologies including EDR, IAM, firewalls, ticketing systems and threat intelligence solutions.
- Strong understanding of incident response, detection engineering and cyber security operations.
- Excellent stakeholder engagement, communication and technical documentation skills.
- Experience mentoring technical team members and contributing to continuous improvement initiatives.
- Experience working within Federal Government or other highly regulated environments will be highly regarded.
Eligibility Requirements
To be considered for this opportunity, applicants must be Australian Citizens who have resided in Australia for a minimum of 10 years and are eligible to obtain and maintain an Australian Government Negative Vetting Level 1 (NV1) Security Clearance. Applications that do not meet these mandatory requirements cannot be progressed.
Please apply with current resume in Microsoft Word format only (.doc or .docx). If you would like to have a confidential discussion, please contact Dylan Tasker on dylan.tasker@davidsonwp.com , quoting reference JN -072026-43817. Want to know more about Davidson? Visit us at www.davidsonwp.com