Detection Engineering Analyst

The Role

As an APS 6 Detection Engineer within the Defence Security Operations Centre (DSOC), you are responsible for development and maintenance for detections used in the monitoring of Defence systems.

Duties include:

• Developing detection logic using a DevSecOps methodology to detect cyber threats against Defence;
• Supporting the development of frameworks and policy;
• Building playbooks for detection analysis and response action guidelines from alerts;
• Working with analysts to tune and improve detection logic tuning;
• Developing and maintaining of Standard Operating Procedures and Work Instructions in a professional, accurate manner to support consistent investigations;
• Implementing continuous improvement processes throughout the detection logic lifecycle;
• Using technical expertise to provide mentoring and support to other staff, fostering a knowledge-sharing environment;
• Understanding and applying relevant policy and legislation governing ICT security in Defence;
• Setting work priorities, managing workflows, tasking/training staff and undertaking stakeholder engagement and management with internal and external stakeholders;
• Contribute to unit outcomes including detailed technical and professional advice in relation to complex cyber scenarios;
• Be a contributing part of an integrated team, achieving work priorities, managing own workflows, building capacity through contributing to team deliverables and peer-reviewing the quality of work undertaken by others as required.

This role is eligible for an additional remuneration benefit known in Defence as a Building Defence Capability Payment (BDCP). This enables Defence to provide a premium, in addition to the base salary otherwise payable under the Defence Enterprise Collective Agreement (DECA), for positions in occupational disciplines/classifications that are critical to Defence capability. For further information, please contact the contact officer.

About our Team

DSOC is the strategic centre for Cyber Security Operations within Defence. DSOC provides mission focused services across the Defence enterprise through a range of Cyber Security Operations functions. The team have access to contemporary tools, training, and support to enable high quality achievement, responsive, and dynamic outcomes in support of Defence and its mission.

DSOC is a collaborative and agile team, committed to providing opportunity for professional development whilst also contributing to key strategic outcomes. DSOC consists of a diverse workforce of complementary skillsets, inclusive of APS, ADF, and contractors. We routinely engages with a wide range of stakeholders across the Department, Whole-of-Government, and Defence Industry, to identify new opportunities for improvement and collaboration.

Our Ideal Candidate

Team orientated collaborator with a strong passion for Information Technology and Cyber Security with the ability to understand and interpret ICT and technical indicators from a variety of sources.

Our ideal candidate will:

• Possess an understanding of defensive cyber security operations, and/or cyber security incident response as the front line in defensive capability within a Security Operations Centre;
• Have experience in developing logic to detect suspicious activity;
• Possess experience with scripting and programming languages;
• Have demonstrated experience, or qualifications in SIEM and SOAR technologies and processes;
• Demonstrate ability to manage competing priorities to a high standard of accuracy within allocated timeframes;
• Possess a well-rounded ability to think critically, and be inquisitive, while diligently and pragmatically driving at results;
• Demonstrates self-awareness and a commitment to share learning opportunities and support others;
• Demonstrated ability to build and sustain relationships with various stakeholders.

Application Closing Date: Thursday 28 August 2025

For further information please review the job information pack, reference JCG/06657/25 on