Cybersecurity Engineer – Defence & Government

About the role

We are looking for a Cybersecurity Engineer to lead the design, implementation and oversight of defence‑grade cybersecurity architecture for Bluestaq Australia. Based in Canberra, you will work with engineering and operations teams to ensure the integrity, compliance and resilience of secure systems that support Australian defence, government and national security missions.

Key responsibilities

• Define and enforce cybersecurity standards aligned with NIST, ISO/IEC 27001 and the ASD Essential Eight.
• Prepare and submit ATO artefacts, including security documentation, risk registers and evidence packages.
• Implement and validate technical security controls in classified environments following Australian ISM and ACSC requirements.
• Develop, deploy and automate security tools to remediate vulnerabilities and strengthen defences.
• Conduct risk assessments, vulnerability testing and security audits.
• Configure and monitor security tools, analyse logs and respond to security events.
• Collaborate with engineering teams to implement secure authentication, encryption and access‑control solutions.
• Evaluate emerging cybersecurity technologies and integrate them into the infrastructure.
• Provide expert troubleshooting for complex security challenges.

Required profile

• 6–8+ years of cybersecurity experience, preferably in defence, government or critical infrastructure.
• Relevant tertiary qualification or equivalent experience.
• CISSP (or equivalent) and ASD‑recognised cybersecurity credentials.
• Strong expertise in Linux systems and network security.
• Commitment to the core values of Ownership, Curiosity, Talent and Trust.

Required skills

• Linux operating systems
• Network security
• NIST framework
• ISO/IEC 27001
• ASD Essential Eight
• Australian ISM and IRAP
• Authority to Operate (ATO) processes
• Security tool configuration and automation
• Vulnerability assessment and risk assessment
• Security auditing
• Authentication, encryption and access‑control
• Log analysis and incident response
• CISSP certification