Threat Detection Engineer
Hybrid · New South Wales, Australia
Job Summary
Optus' Cyber Defence Operations is hiring a Threat Detection Engineer to design, build and continuously improve detection capabilities across SIEM/EDR platforms (e.g., Microsoft Sentinel, Defender XDR, Cortex XSIAM). The role covers the end-to-end detection lifecycle, detection-as-code practices, incident triage support, and collaboration with SOC and threat intelligence teams, with a focus on reducing noise, improving alert quality, and aligning detections with MITRE ATT&CK and threat intelligence insights. Hybrid work model in Australia (office and home). Requires Australian Citizenship and the ability to obtain a Government Security Clearance.
Required Qualifications
- Hands-on experience in cyber security operations (SOC, incident response or threat detection engineering)
- Strong understanding of security concepts including attack lifecycle, threat actor techniques, and alert triage workflows
- Familiarity with SIEM and EDR platforms, and ability to analyse logs across endpoint, identity and network sources
- Experience or exposure to detection engineering, rule creation, or threat-informed defence practices
- Strong problem-solving skills with the ability to balance detection coverage and operational noise
- Effective communication skills and ability to document clearly in operational environments
- A growth mindset, with eagerness to learn and develop within a high-performing cyber team