Cyber Security Technical Analyst – SIEM Specialist

About the role

The Cyber Services Section is looking for a Cyber Security Technical Analyst to design, implement and optimise Security Information and Event Management (SIEM) capabilities. The role supports the department’s cyber security posture by ensuring security events are ingested, correlated and acted upon in line with government frameworks such as PSPF, ISM and the Essential Eight.

Key responsibilities

• Design, develop and implement log solutions for SIEM, including ingestion, storage and querying.
• Create and maintain comprehensive technical documentation for SIEM and logging systems.
• Identify and close capability gaps in alerting, detection and security event logging.
• Build and tune alerting and detection capabilities across SIEM and SOAR toolsets.
• Liaise with third‑party vendors and internal business areas to achieve targeted security outcomes.
• Investigate and implement improvements to uplift the overall security posture.

Required profile

• Proven experience with Azure and Microsoft Sentinel.
• Strong ability to document findings and implement security policies.
• Experience providing security advice to stakeholders, team members and executives.
• Hands‑on experience ingesting logs, developing use cases and tuning log sources.
• Background working within a cyber security team and following direction.

Required skills

• Azure
• Microsoft Sentinel
• SIEM
• SOAR
• Log ingestion
• Log storage
• Log querying