Brisbane
Contractor - $130 per hour (Inclusive)
About the Role
We are seeking a highly capable Cyber Security Engineer with strong skills in vulnerability remediation, application patching, patch management, and IoT device/network security. This is a hands-on role requiring someone who can work under pressure, respond rapidly to emerging threats, and collaborate closely with operational teams to strengthen our security posture and close solution gaps.
In this role, you will protect and secure the department's assets that fall within the scope of the agency’s Information Security Management System (ISMS), working within a hybrid operating model that includes internal and external security partners.
Key Responsibilities
Priority Responsibilities (Most Critical to the Role):
- Lead and execute vulnerability remediation, patch remediation, and enterprise application patching activities.
- Manage and enhance application security, addressing solution gaps and improving operational processes.
- Support and secure IoT devices and IoT network environments, including monitoring, remediation, and configuration activities.
- Collaborate closely with the Operational Team to execute changes, maintain system stability, and resolve issues quickly.
- Work effectively under pressure during critical security events or rapid patching cycles.
- Operate within a hybrid cyber security model, coordinating with both internal teams and external security partners.
- Conduct cyber offence assurance activities, including penetration testing of QCS systems and networks (pending approvals).
- Deliver cyber security incident response, including monitoring, investigation, containment, eradication, recovery, documentation, and reporting.
- Undertake threat hunting based on actionable threat intelligence.
- Lead the identification and management of cyber security threats, vulnerabilities, and risks.
- Develop and implement cyber security controls aligned with IS18, ISO/IEC 27001, ASD Essential Eight, and the ASD Information Security Manual (ISM).
- Manage and maintain critical cyber infrastructure including:
  - Firewalls / IPS
  - Antivirus
  - Internet proxy servers
  - Email gateways
  - SIEM (Splunk / Sentinel)
  - Cloud security controls
  - Vulnerability and threat management platforms
  - DMZ environments
- Perform technical information security assessments and threat modelling.
- Contribute to cyber security policy development, uplift, and implementation.
- Conduct and oversee cyber security investigations in partnership with relevant stakeholders.
- Provide leadership and mentoring to cyber security team members.
- Perform additional duties as required.
Essential Skills & Experience
- Proven technical experience in a cyber security role following industry best practice.
- Demonstrated experience in incident response, investigations, and vulnerability remediation.
- Strong analytical and problem-solving skills with the ability to reduce security risks to acceptable levels.
- Experience conducting technical threat and risk assessments aligned with industry and government frameworks.
- Experience in – or ability to rapidly learn – the following technologies:
  - Firewall / IPS configuration & management
  - Email & Web content filtering
  - PKI management
  - Application Delivery Controllers
  - Antivirus platforms
  - VPN and remote-access systems
  - SIEM (Splunk / Sentinel) usage, alerting, and dashboarding
  - Cloud security (AWS, Azure)
  - Vulnerability scanning, reporting, and remediation workflows
  - Phishing monitoring & simulation campaigns
- Awareness of emerging cyber threats and implementation of appropriate countermeasures.
- Strong teamwork and collaboration skills.
- Excellent communication and coordination abilities.
- Ability to learn and apply cyber defence, offence, and threat-hunting techniques.
