At SBS, we embrace difference, and we welcome applications from people of all backgrounds.

We also acknowledge the unique contribution that Aboriginal and Torres Strait Islander peoples make to our society and our workplace through their enduring and continued connection to land, sea, sky and community.

About Us

SBS is one of the world's most unique and innovative media organisations, producing trusted, meaningful, and engaging content that exists for all Australians to inspire, support and celebrate the diversity of our multicultural society. 

Our purpose, for the last 50 years, has reflected and explored the evolving diversity of Australia, investing in initiatives to deepen its connections with communities, sharing their stories and giving a voice to those often unheard, with the aim of increasing understanding and respect of the differences that make up Australia.

SBS is a truly distinctive network, showcasing multicultural, multilingual and First Nations stories otherwise untold in the Australian media.

Please note: As part of the hiring process, candidates will require to undergo a security background check. 

The Department

SBS Technology can be thought of as the 'engine room' of SBS. Our primary role is to enable and support the production, distribution, and transmission of content across television, radio, and online platforms. Our teams achieve this by working collaboratively to design innovative solutions and deliver end-to-end services for our business stakeholders.

About The Role

The Senior Cyber Security Engineer plays a key role in the design, deployment, automation, and ongoing management of security technologies across the organisation. The role has a strong technical focus, particularly in Elasticsearch, CrowdStrike EDR, Forensic tools, Microsoft 365 security, AWS security and security automation.

The successful candidate will bring proven expertise in the design, implementation, and support of cyber security solutions, along with excellent communication and relationship-building skills to work effectively across business and technical teams.
In addition to project delivery, this role includes hands-on involvement in security operations, including alert monitoring, incident response, and participation in an on-call roster.

This is a senior engineering position that requires deep technical acumen and the ability to collaborate across departments to uplift and maintain the organisation’s security maturity at scale. You will be involved in all facets of security roles and responsibilities, where one day is rarely the same as the next. 

Key Responsibilities

1. SIEM & Threat Detection

• Manage and deploy Elasticsearch SIEM components, including Elastic Agent and security integrations. 
• Create and tune security detections, alerts, and dashboards within Kibana.
• Integrate and manage new security log sources.

2. Architecture and Design

• Actively participate in the selection, design and configuration of new security tools.
• Act as a key technical resource for security improvements across the organisation.

3. Endpoint Detection and Response

• Manage, deploy and monitor CrowdStrike Falcon EDR, ensuring optimal security posture across endpoints.
• Configure and fine-tune CrowdStrike policies to enhance detection and prevention capabilities.
• Leverage CrowdStrike APIs to automate detection, response, and forensic investigations.

4. Microsoft 365, EntraID and Active Directory Security

• Manage and secure Microsoft 365, EntraID security features, including Defender for Office 365 and Conditional Access Policies.
• Ensure Active Directory security is maintained and benchmarked against best practice initiatives. 
• Monitor security compliance within Microsoft cloud environments.

5. AWS & Cloud Security Management

• Monitor AWS security services such as GuardDuty, Security Hub, and CloudTrail for suspicious activity.
• Develop AWS security automation for monitoring, alerting, and response.

6. Security Compliance & Continuous Improvement

• Support security risk assessments and contribute to vulnerability management efforts.
• Assist in audit and compliance activities, ensuring adherence to security policies and regulatory requirements.
• Maintain and update security documentation, incident playbooks, and response procedures.

7. Automation & Security Engineering

• Leverage PowerShell, Python and Power Automate to streamline security response workflows.
• Automate security event triage and remediation using SOAR methodologies.

8. Technical Guidance and Support

• Provide technical guidance, and day-to-day support to Cyber Engineers and Cyber Analysts, where required, to enhance their capabilities in security operations, incident response and vulnerability management.
• Act as a trusted escalation point for complex technical issues, providing expert input and encouraging critical thinking and solution-oriented approaches among the team. 

About You

• 5+ years in a similar Engineering role and proven experience across cyber security roles.
• Proficiency in managing Elasticsearch and Elastic Stack components is required for this role (Elastic Agent, SIEM integrations, Kibana).
• Experience in researching and implementing proactive defensive initiatives in direct response to new or targeted attack techniques seen across the treat landscape.
• Proven experience designing, managing and supporting security uplift projects from inception to completion involving coordination across multiple departments.
• Expertise in securing and managing CrowdStrike Falcon EDR, Active Directory, M365, EntraID, Exchange Online and AWS security services.
• Knowledge of security frameworks such as NIST, ASD Essential 8, and MITRE ATT&CK.
• Ability to work independently and contribute to security automation projects.

Further Desirable Requirements

• Certification in Elasticsearch (Elastic Certified Engineer or Analyst).
• SANS GCFA (Certified Forensic Analyst) or similar security certification.
• Strong scripting and automation skills using Python, BASH, and PowerShell.