Security Operations Engineer (Canberra)

Job Description We are looking for a Security Operations Engineer to design, implement, and operate secure, scalable, and automated technology platforms that support the delivery of complex cloud and hybrid information systems. This role is responsible for embedding secure‑by‑design principles, automating infrastructure and deployment processes, and ensuring the confidentiality, integrity, availability, and compliance of ATO systems. Operating within a DevOps‑aligned workplace, the Engineer embeds security and automation across CI/CD pipelines, leveraging cloud services, infrastructure‑as‑code, monitoring, and alerting capabilities. You will contribute to the development of policies, standards, and reusable patterns while driving continuous improvement in platform reliability, security posture, and delivery efficiency. Qualifications
- Cloud Security Operations: Expert proficiency in AWS security controls (IAM, EC2, S3, CloudTrail, Security Groups) with the ability to implement, maintain, and monitor secure cloud environments.
- DevSecOps & CI/CD Integration: Demonstrated experience delivering secure build practices within Azure DevOps (ADO) pipelines, including automated security testing, gated approvals, and compliance automation.
- Infrastructure as Code (IaC): Familiarity with AWS CDK or equivalent frameworks to ensure the secure, repeatable, and automated provisioning of cloud resources.
- Vulnerability Management: Hands‑on capability using Tenable Nessus (or similar) for scanning and assessment, with experience integrating risk data into SIEM and GRC platforms (specifically ServiceNow).
- Monitoring & Log Analysis: Skilled in defining alerting thresholds in AWS CloudWatch and performing deep‑dive log analysis and dashboarding using Splunk or the ELK Stack.
- Application Security Testing: Practical experience conducting SAST and DAST across complex systems, utilizing tools such as Fortify, SonarQube, and Xray for continuous security assurance.
- Supply Chain Security: Knowledge of CycloneDX and SBOM (Software Bill of Materials) generation and validation to manage and secure the software supply chain.
- Secure Coding & Scripting: Strong understanding of secure coding practices (Python, Java, JavaScript) to support threat modeling and the development of security‑focused automation scripts.
- Secure‑by‑Design Implementation: Proven ability to embed security gates and automated controls within DevOps workflows, ensuring alignment with architectural security principles.
- Willing and able to obtain an AGSV Security clearance. Benefits NCS Australia offers paid parental leave, initiatives focused on well‑being and discounted health insurance, and various discounts on products and services. Employees receive regular recognition and rewards for high performance and are supported through career development programs, industry and partner training, special interest groups, and an AI‑driven learning platform. Equal Opportunity & EEO Statement NCS Australia is an equal‑opportunity employer and values and supports our people and the communities we serve. We are committed to attracting, retaining and developing our people regardless of gender identity, ethnicity, sexual orientation, disability and age. Applications are encouraged from all sectors of the community and we strongly encourage applications from Veterans, Aboriginal and/or Torres Strait Islander community. We actively support and encourage people with disability to apply. To be eligible for a position with us, applicants will need to have valid work rights for Australia and be willing to undergo a comprehensive background checking process, including probity and police checks. #J-18808-Ljbffr Apply on Kit Job: kitjobau.com/job/3r9lte