About AARNet
Australia’s Academic and Research Network (AARNet) was established in 1989 and is widely regarded as the founder of the Internet in Australia and renowned as the architect, builder and operator of world-class network infrastructure for research and education.
As Australia’s National Research and Education Network (NREN), we connect over one million users — researchers, faculty, staff, students, hospitals, vocational training providers, schools and museums — across Australia.
We are an organisation of innovators, doers, and courageous thinkers. We don’t settle for the status quo; instead, we anticipate the future needs of our customers and build solutions today. If you share our imagination, foresight, and drive to shape the future, why not come and join us?
Role Purpose
The Security Engineer – Platforms is part of the Security Operations Centre (SOC) and is a key driver of security engineering effort to develop, tune, and implement log source integrations and parsing. This position is responsible for maintaining AARNet’s robust catalogue of parsers, tuning them when required, as well as assisting in broader User and Entity Behaviour Analytics (UEBA) and Security Information and Event Management (SIEM) platform work items.
The candidate will work closely with the SOC Platforms Manager and the broader teams to drive and continuously enhance the platforms that underpin the Alerting and Detection strategy within the SOC, enabling both AARNet and its customers to operate in a safe environment. This role provides an opportunity to learn data engineering in the context of Cyber security.
This role is a 6-month fixed-term, full-time role, and due to the nature of the role we are unable to hire individuals on temporary visas.
Key Accountabilities
At AARNet, all employees are accountable for:
- Actively promoting safe work practices in the workplace during all activities consistent with AARNet’s policies and complying with all WH&S legislation, policies and procedures.
- Actively contributing to a safe and supportive working environment that is inclusive of all staff through celebrating their nationality, cultural background, LGBTI status, abilities, gender and age.
In this role, your main responsibilities are:
- Responsible for data ingestion and the building of new parsers to support ongoing SOC use case requirements
- Collaborate with stakeholders within AARNet to ensure that relevant log sources are parsed and integrated into the Alerting and Detection Strategy
- Normalise data from log sources into the Elastic Common Schema (ECS)
- Build CrowdStrike LogScale dashboards to demonstrate new work
- Collaborate with AARNet internal stakeholders and customers on understanding data sources and use cases – successfully translating requirements into the SOC data management framework
- Drive strategy towards automated on-boarding of relevant data sources/feeds to enable detection, enrichment, and hunt capabilities across multiple log sources
- Create integrations with various network and security devices through their log events.
- Develop custom scripts for data enrichment across internal (e.g., CMDB) and external data sources
- Perform data interpretation, classification and enrichment
- Manage and support other SOC platforms (e.g., XSOAR, MISP, ELK)
About you in the role
You will celebrate diversity, inclusion, belonging and welcome all people regardless of lifestyle choices, ethnicity, faith, sexual orientation or gender identity.
Your directorate: Cyber Security
You’ll report to: SOC Platforms Manager
Your expertise, experience & qualifications
- Expertise with a centralized logging framework (e.g., LogScale, Splunk, ELK)
- Experience with regular expressions
- Strong experience with scripting languages (e.g., Python, Perl, Bash, PowerShell)
- Experience with a version control system (e.g. Git)
- Security-oriented and problem-solving mindset (like solving puzzles and finding ways into closed systems).
- High level of attention to detail, revision control, and configuration management practices
- A passion for “finding evil” and “doing good”
- Able to translate business concepts into the required technical system based events needed to support objectives
- Leadership (taking ownership and accountability for designated activities)
- Collaboration Skills (able to work effectively with others)
- Communication Skills (including ability to present to both technical and non-technical audiences)
Even better
Although not essential to the role, it would be even better if you had any of the following experience/skills:
- Experience integrating internal/external APIs and optimising usage
- Good understanding of Cyber security platforms/environments
- Telecommunications and/or Education & Research industry experience would be advantageous
- Experience working with large data sets with distributed computing is a plus
- Prior experience working in a Service Provider (SP) or Managed Security Services Provider (MSSP)
- Familiarity with data schemas (e.g. Elastic Common Schema)
- Familiarity with Linux and containers
- Familiarity with a peer review and a CI/CD workflow
Benefits at AARNet
AARNet is committed to diversity and providing equal opportunity to all. We’re a great place to work if you want to make a difference.
AARNet provides a host of other benefits in line with our HR policies which include:
- Competitive remuneration;
- 17% superannuation;
- Flexible work options including a hybrid work model;
- Focus on wellbeing – year-round initiatives and social engagement activities;
- Ethical Leadership: A sector leader in cyber security, social responsibility, and equal opportunity;
- Options to purchase additional Annual Leave;
- 2 days paid Women’s Wellness Leave per month;
- 24 weeks paid Parental Leave – Primary Carer;
- Welcome back to AARNet superannuation payment – on unpaid Parental Leave for Primary Carer;
- 4 weeks paid Birth Trauma Leave;
- 24 weeks paid – Adoption Leave;
- 16 weeks paid Parental Leave – Secondary Carer;
- 5 days paid – First Nations Cultural Leave;
- 2 days paid Family Wedding Leave;
- 24 weeks paid – Foster Carer Leave;
- 5 days paid – Fertility Leave;
- 8 weeks paid – Gender Affirmation Leave;
- Strong Equal Opportunity focus;
- Modern office environment: Hotdesking system and new facilities;
- Support your success: A culture and company structure that allows your career to grow with access to leading edge technologies;
- An opportunity to give back to the academic and research sector.
Published on 21 Mar 2025, 12:07 AM