The Senior Security Detection Engineer is to design, develop and optimise SIEM detections to enhance threats visibility, and response capabilities.
13th July, 2026
12 Months Contract (with the view to extend)
Large Telco Organisation
Melbourne CBD Location | Hybrid Working Arrangement
We are looking for an experienced Detection Engineer to support a major Unified SIEM Transformation program. In this hands-on role, you will design, build, and optimise security detections to improve threat visibility, strengthen monitoring capabilities, and support faster incident response.
You will be working closely with SOC, Threat Intelligence, and Security Engineering teams, you will develop scalable detection use cases, improve SIEM performance, and help enhance the organisation's overall cyber security posture.
Key Responsibilities:
Design and develop threat detection use cases aligned to threat intelligence and the MITRE ATT&CK framework.
Build, tune, and optimise SIEM rules, alerts, and analytics.
Improve detection coverage while reducing false positives.
Apply detection-as-code practices, including testing and version control.
Support SIEM transformation activities, including data onboarding and log normalisation.
Convert threat intelligence and incident findings into actionable detections.
Develop detections across identity, endpoint, network, and cloud environments.
Work with SOC teams to validate detections and improve alert triage.
Identify logging and telemetry gaps and recommend improvements.
Ensure security data is effectively ingested, parsed, and mapped to detection use cases.
Key Requirements:
5+ years' experience in Detection Engineering, SIEM Engineering, Threat Detection, or SOC environments.
Proven experience developing and tuning SIEM detections in enterprise environments.
Experience supporting SIEM migrations, transformations, or consolidation programs.
Strong hands-on experience with Microsoft Sentinel, Splunk, Elastic, QRadar, or similar SIEM platforms.
Strong knowledge of KQL, SPL, SQL, or equivalent query languages.
Good understanding of the MITRE ATT&CK framework and threat detection methodologies.
Experience analysing security logs across identity, endpoint, network, cloud, and M365 environments.
Experience detecting and investigating identity compromise, malware, lateral movement, network threats, and cloud-based attacks.
Exposure to Azure, AWS, and Microsoft 365 security monitoring.
Strong analytical, problem-solving, and stakeholder communication skills.
Contract Rate: $1,000 per Day (incl. super)
Job Ref: 4055828
TO APPLY: please click on the appropriate link.
Apply For Job