Security Tooling Engineer

We have an opportunity to join our key Defence account, as a Security Tooling Engineer. Based in our Canberra facility and working within the Security Architecture and Engineering team, your role will be representing security requirements and best practices across a range of disciplines including Project Pipelines, Network Operations, Systems Engineering and Architecture.

In this role you’ll be responsible for deploying, configuring and sustaining a set of cyber security products and technologies, including Host Based Security Products (AV, HIPS, DLP, EDR etc.), SIEM, Network IPS and related management solutions. A core focus of the team is the ongoing deployment and maintenance of SIEM technologies across a complex environment as well as the automation of existing security processes.

As an engineer in the broader team, your expertise in the technologies and security processes and practices will see you mentoring and advising a 24/7 team of SOC Analysts who are dependent upon the toolsets you provide. 

The role works under general direction of the Chief Information Security Officer to deliver secure services to the program.

Duties include:

• Assist with design, deployment and maintenance of Splunk; Tenable
• Work with the operational teams to ensure Splunk is configured appropriately and fit for purpose;
• Develop reliable, efficient queries that will feed custom alerts and dashboards;
• Create and maintain documentation related to Splunk infrastructure;
• Undertake routine patching and administrative tasks;
• Support enterprise Splunk deployments with data feeds from multiple data centres;
• Integration and functional testing.
• Participate and adhere to change control procedures
• Support and configure vulnerability scanning across a large environment

About You

You are an experienced security engineer within a complex, regulated environment and have knowledge and interest in a broad range of systems and enterprise security architecture. You will also have the following:

• Professional memberships and Certifications (SANS, ISACA, Offensive Security etc) are considered desirable
• Solid understanding of end point protection and application whitelisting
• Demonstrated experience with Security tooling such as Splunk and Tenable
• Experience with change control and ITL framework
• Interest/Experience in Container and cloud security solutions (Prisma Cloud, Tanium)

Due to the nature of the role, the successful candidate must hold a government NV-2 security clearance; or NV1 with eligibility to upgrade to NV2.

Successful candidates will be required to be Australian Citizens and be able to obtain and maintain an Australian Government Security Clearance.

At Leidos you’ll enjoy 12 weeks paid parental leave as a primary carer, flexible work practices, discounted health insurance, novated leasing and more. We have a strong track record of internal promotion and career transitions.

Push your boundaries within a supportive culture and redefine what’s possible for our customers and your career.

At Leidos, we embrace diversity and are committed to creating a truly inclusive workplace. We welcome and encourage applications from Aboriginal and Torres Strait Islander peoples, culturally and linguistically diverse people, people with disabilities, veterans, neurodiverse people, and people of all genders, sexualities, and age groups.

At Leidos, we are passionate about our mission to make the world safer, healthier and more efficient. If you are too, then join us and Be the difference.