Cyber Security Engineer (MS Lead)

AI overview

Serve as the technical lead for Microsoft Sentinel, conducting advanced investigations and refining detection logic to enhance security operations while coaching less experienced analysts.

At Centorrino Technologies (CT), we're more than just tech; we're a community that goes beyond expectations. We've been recognised as a Great Place to Work in 2024-2025 and one of the Best Places to Work Medium Size in Australia for 2024, with an outstanding eNPS score of 68. And we're not stopping there. We're on a mission to redefine the customer experience, and we need a passionate Cyber Security Engineer to join our team in Melbourne or Perth.

Our Security Engineers act as a technical escalation point for the Security Analysts within their team. They ensure incidents are analysed thoroughly, detections are tuned effectively, and the SIEM platform remains reliable, automated, and aligned to best practice. The position does not include direct people management, but requires strong technical leadership, mentoring, and an ability to guide others through complex investigative and engineering tasks.

Everyone at CT lives by the CT values, and contributes to the success of the business by respecting their fellow team members, giving each other support and advice, and by contributing to the overall customer experience by working together to achieve the right outcomes. 

 

Requirements

What You'll Do:

  • Consistently live the values and demonstrate professional workplace behaviours that reflect the CT values.  
  • Comply with all CT policies. 
  • Hold an NV1 security clearance, or be an Australian Citizen capable of obtaining an NV1 clearance.
  • Serve as the technical lead for Microsoft Sentinel within our Cyber Security team.
  • Design and maintain analytics rules and workbooks.
  • Continuously refine correlation logic to reduce noise and increase actionable alerts. 
  • Proactively research and recommend automation opportunities across security operations. 
  • Act as escalation point for cyber analysts investigating Sentinel-generated alerts. 
  • Perform advanced investigations involving identity, endpoints, network telemetry, threat intelligence and cloud logs. 
  • Provide clear guidance on containment and remediation actions. 
  • Validate and quality-check incident analysis performed by junior and mid-level analysts. 
  • Develop and maintain comprehensive, up-to-date documentation on procedures, configuration baselines and operational guidelines.   
  • Identify gaps in automation and propose improvements to reduce response times. 
  • Produce custom workbooks, dashboards, and visualisations to improve situational awareness. 
  • Ensure detection logic aligns with MITRE ATT&CK, Essential Eight, Microsoft best practice, and customer security requirements. 
  • Provide coaching and knowledge transfer to other analysts and engineers. 
  • Support architects and consulting engineers with design input for new deployments.
  • Assist consultants with content regarding detection coverage, incident trends, and improvement opportunities.
  • Assist with monthly reporting summarising activity, tuning, and platform health.

What You'll Bring:

  • Extensive experience running Microsoft Sentinel in an MSP or SOC environment. 
  • Strong proficiency in Kusto Query Language (KQL) for analytics rules, workbooks, hunting queries and troubleshooting. 
  • Experience in creating SIEM playbooks and automation workflows.
  • Experience presenting reports and issues to management.
  • A positive mindset with a ‘can do’ attitude.
  • Good verbal and written communication skills.
  • Proven attention to detail.
  • Deep understanding of Microsoft Defender XDR products and their integration with Sentinel. 
  • Strong knowledge of Azure AD / Entra ID, Azure security services, and on-premises log-source integration. 
  • Strong ability to lead technical escalations and support less experienced analysts. 

Benefits

Why You'll Love Working Here:

Our company is more than just a workplace; it's a hub of inspiration and creativity where employees love to work! Here's why:

  • Extensive training and development opportunities that enable continual growth as part of your career planning.
  • Extensive discounts and benefits to maximise your money.
  • A choice of your IT equipment to maximise your success and access to cost-price tech for your personal needs.
  • Fun team events to celebrate achievements and connect with colleagues outside work as part of our engaging culture.

 

CT celebrates diversity and enables every voice to be heard as we drive to create the world we want. Apply today and be part of a team that values innovation, inclusivity, variety and diverse backgrounds.

 

Note: A valid Vulnerable People / Working with Children Check (WWCC) and Police Check are required.

Here at Centorrino Technologies, or CT as we like to call ourselves, we put a lot of effort into delivering the best customer experience of any managed ICT provider in Australia.
