Security Operations Engineer

About Us

blueAPACHE is an Australian owned award-winning Managed Service Provider, recognised for the 5th year running, as Mid-Market Partner of the Year at the ARN Innovation Awards. We pride ourselves on being a genuinely great place to work, with a vibrant culture, clear vision, and strong leadership.

When joining blueAPACHE, you are joining an organisation that is driven by our core values of employee and customer experience. We are proud to be an equal opportunity employer and are committed to building a diverse and inclusive workplace where we embrace our individual talents, and our differences.

Goals:

The primary role of the Cyber Security Operations Engineer is to deliver exceptional customer service while managing and maintaining our customer environments besides creating documentation around various processes and procedures.

As a Security Operations Engineer this role requires a good range of technical capabilities in line with technologies we manage for our customers as well as the ability to troubleshoot issues.

Requirements

Demonstrated experience and proven performance within Security Operations (SOC), Threat Detection, and Incident Response.

Hands-on expertise in Microsoft Security Solutions, including but not limited to:

o   Microsoft Defender for Endpoint, Defender for Identity, Defender for Office 365

o   Microsoft Sentinel (SIEM/SOAR) – Log ingestion, rule tuning, automation (Logic Apps/KQL queries)

o   CrowdStrike Falcon Endpoint Protection – EDR/XDR, Threat Hunting, and Response

o   Identity & Access Management (IAM) – Microsoft Entra (Azure AD), CyberArk, Privileged Access Management (PAM)

• Experience with Security Awareness and Phishing Simulation tools like KnowBe4, Mimecast, and Application Whitelisting solutions such as Airlock and Microsoft Defender Application Control.
• Strong understanding of ASD Essential 8, NIST, CIS Controls, MITRE ATT&CK, or other security frameworks.
• Knowledge of ITSM tools (ServiceNow, or equivalent) and documentation repositories (Confluence, SharePoint, or Wiki-based systems).

Hands-on experience in:

o   Security Monitoring, Threat Intelligence, and Threat Hunting

o   Incident Response & Digital Forensics – analyzing logs, investigating security incidents, and containing threats

o   Driving Vulnerability Management Programs for enterprise customers

• Experience with network and cloud security, including Azure Security Center, Azure Firewall, and Microsoft 365 Security Compliance.
• Security solutions implementation and operational experience, particularly in a Microsoft security ecosystem.
• Strong communication skills with the ability to interact with customers, provide security guidance, and conduct security posture assessments.

Responsibilities:

• Provide 2nd-level technical support for Microsoft Defender, Microsoft Sentinel, and CrowdStrike within agreed SLA agreements.
• Monitor, investigate, and respond to security incidents using Microsoft Sentinel SIEM, Defender for Endpoint, and CrowdStrike EDR/XDR.
• Adhere to Incident Response, Threat Management, Security Operations, Problem, and Change Management processes aligned with ITIL and security frameworks (ASD Essential 8, NIST, MITRE ATT&CK).
• Proactively hunt for threats and perform security investigations by analyzing logs, alerts, and endpoint telemetry data from Microsoft Defender, Sentinel, and CrowdStrike Falcon.
• Configure, manage, and fine-tune security tools, including Microsoft Defender for Endpoint, Defender for Office 365, Sentinel (SIEM/SOAR), and CrowdStrike EDR/XDR.
• Support SIEM rule tuning, automation (KQL, Logic Apps), and dashboard creation to enhance SOC efficiency.
• Perform vulnerability scanning and management using Rapid7, Tenable, or Qualys, ensuring remediation actions are tracked and implemented.
• Create and maintain technical documentation for customer security environments, including runbooks, playbooks, and incident response procedures.
• Provide escalated support from Service Desk (NOC/SOC Level 1) teams and assist in resolving security-related issues for enterprise customers.
• Develop and maintain knowledge base articles, security response processes, and playbooks for improved SOC operations.
• Participate in on-call rotations for after-hours incident response, threat escalations, and SOC monitoring.
• Conduct periodic customer meetings, presentations, and security posture reviews to provide insights into threat landscape, incident trends, and security improvements.

Qualifications:

Industry Certifications (Security & SOC Specialization):

• Microsoft Security Certifications (e.g., SC-200: Microsoft Security Operations Analyst, SC-400: Microsoft Information Protection Administrator)
• CrowdStrike Falcon Certification (e.g., CrowdStrike Certified Falcon Administrator (CCFA), CrowdStrike Certified Falcon Responder (CCFR))
• SIEM/SOAR Certifications (e.g., Microsoft Sentinel, Splunk Certified SOC Analyst, QRadar Security Analyst)

General Security Certifications:

• CompTIA Security+ (or equivalent foundational cybersecurity certification)
• ISC2 CC (Certified in Cybersecurity)
• GIAC Security Operations Certified (GSOC)
• Certified SOC Analyst (CSA) – EC-Council

Appropriate Tertiary qualifications in Cybersecurity, IT, or a related field (Computer Science, Information Security, or equivalent).

Benefits

blueAPACHE continues to grow alongside some of Australia’s leading midmarket businesses, our valued clients. We continue to stay abreast of current technologies to maintain our competitive advantage, offering the opportunity to continually expand your technical expertise and provide an uncompressing offering to our clients. We recognise our people are our most significant differentiator.

• We offer options for you to interview virtually.
• blueAPACHE offers an environment to make a real difference, develop careers within a supportive and rewarding environment.
• Flexibility to work the way that aligns with our values of employee and customer experience, including hybrid/work from home model.
• Regular social events and an awesome culture – work with a team of experts in their field.
• Ongoing training and development including paid certifications.
• Quality hardware and laptop provided.
• Employee referral programs - once you are in and you are loving it - you can refer a friend and get paid for it!

*** Please note, all offers of employment at blueAPACHE are subject to National Police Checking Service.