Senior Cyber Security Support Officer (Brisbane City)

Senior Cyber Security Support Officer – Overview This is a Permanent, Full-Time position based primarily at Mount Gravatt, with potential work at other TAFE Queensland campuses. The role reports to the Manager, Security Operations. Key Responsibilities
- Provide initial triage and response capabilities by reviewing events, resolving or escalating them as cyber security incidents, and assisting with blast radius analysis, containment, eradication, and recovery actions if a coordinated response is required.
- Assist in maintaining and improving TAFE Queensland’s cyber security posture by identifying areas for improvement and addressing them with automation, configuration changes, or documentation.
- Contribute to time‑sensitive detection, identification, and alerting of intrusions, anomalous and misuse activities across complex on‑premise and cloud environments, and triage these events as either incidents or benign activities.
- Contribute to incident response activities, incident assessment and investigation, and reporting on cyber security breaches, ensuring identified security breaches are promptly and thoroughly investigated, including determining potential impact, performing root cause analysis and making recommendations on timely remediation.
- Support, build upon and enhance cyber security orchestration within the Microsoft and Azure security stack, including integrations into third‑party security solutions, business applications, and other cloud or on‑premise solutions.
- Perform operations and administrative activities for the security of the organisation, including event correlation, monitoring, research, assessment and analysis using enterprise security tools (SIEM, mail gateways, EDR/anti‑virus, and other cloud‑based systems).
- Contribute to proactive threat hunting activities, analysing and responding to current, emerging and organisation‑specific threats based on private and public threat feeds or reports.
- Support the identification, escalation, and resolution of gaps in visibility, intelligence and technology that could improve the efficiency or efficacy of the Cyber Security services.
- Improve existing documentation or create documentation where required.
- Ensure responsible handling of potentially sensitive information.
- Be the initial escalation point for other TAFE Queensland teams for any cyber security related queries, including technical discussions with ICT teams and non‑technical discussions with business units.
- Organise, liaise, and support the delivery of TAFE Queensland’s penetration testing function, including application testing and purple team scenarios.
- Contribute to the success of transformation and cultural change by promoting and modelling the values of Safety First, Working Together, Focusing on our Customer, Taking Responsibility and Showing Initiative. Qualifications and Experience
- Demonstrated knowledge across various ICT systems and concepts such as basic networking, Identity and Access Management, Software and Application Management, Microsoft 365, Entra ID, Windows Operating Systems, and Unix Operating Systems.
- Demonstrated experience working within a cyber security role involving the security monitoring of Microsoft Azure and Office 365 cloud‑based environments.
- Demonstrated experience in the Kusto Query Language or equivalent, and scripting languages such as PowerShell or Python in the context of automating tasks.
- Demonstrated experience building on capabilities in next‑generation SIEM/SOAR solutions and a explicit vision and understanding of security orchestration.
- Strong written and verbal communication skills, with the proven ability to engage effectively at all levels of an organisation, including the ability to work effectively alongside outsourced delivery partners.
- Demonstrated ability to live and promote a strong ICT team culture that values the contributions of all team members, is honest and considerate, and actively participates in building and maintaining a high‑performance team. Highly Desirable Requirements
- Working knowledge of the importance of timely cyber security actions to address attacks.
- Knowledge of the various functions, common toolsets, and their purposes within a Security Operations.
- Knowledge of Microsoft Sentinel, Exchange Online Protection, and Microsoft Defender for Endpoint is desirable.
- Industry knowledge of current risks, threats and systemic issues that organisations face, and what causes them.
- Possession of industry‑acknowledged security certifications valued, such as Microsoft SC‑200, MS‑500, or AZ‑500. Closing date: 11:59 PM, Sunday 31 May 2026. Job Reference Number: TQ Contact: Chris Said, Manager, Security Operations – #J-18808-Ljbffr Apply on Kit Job: kitjobau.com/job/3rmvuf