Security Engineer - Blue Team (AU)

Work with cutting edge technology, making the world a safer and more secure place. DroneShield (ASX:DRO) offers an opportunity to solve some of world’s most challenging technical problems in the Electronic Warfare, Artificial Intelligence and Machine Learning, RF sensing, Sensor Fusion and distributed systems. Working with high profile customers across militaries, government agencies, airports, critical infrastructure, law enforcement and many others.

With one of the largest listed defence company market capitalisations in Australia and having raised approximately $250m in 2024 alone, DroneShield is undergoing hypergrowth stage, fuelled by rapidly increasing use of drones for nefarious applications, from battlefield, to terrorism, to contraband delivery and commercial espionage.

This role is in the DroneShield Sydney headquarters in Pyrmont, Sydney. There are approximately 200 staff based in the 4,000sqm facility today, scheduled to grow to approximately 300 staff by end of 2026. Overseas on the ground presence includes Virginia (USA), Denmark, Germany and Dubai, as well as distributors in over 70 countries globally.

About the role

We are seeking a well-rounded Security Engineer with relevant experience and qualifications to join DroneShield’s Security Team in Sydney. This Blue Team role will focus on aspects of Detection & Incident Response, including infrastructure and operations, and will also contribute to the Security team as a generalist. Be part of a well-funded and agile organisation, as a valued member of an autonomous, cross-functional team. We have a flat organisational structure, and the best candidates will be both creative lateral thinkers and doers.

Responsibilities, Duties and Expectations 

• Develop and manage new security monitoring and automation tools to enhance DroneShield’s detection and response capabilities whilst working with the engineering team to improve our vulnerability management processes 
• Investigate and triage security events, alerts and vulnerability management on endpoints, servers and cloud infrastructure
• Patch management, software compliance and license management on endpoints
• Identify new threats and fine tune detection capabilities using existing and new tools and techniques
• Evaluating new and emerging security technologies that make it easier to reliably maintain security at DroneShield
• Partake in running our general security awareness by working with and mentoring the wider DroneShield team in building a stronger culture of security awareness
• Use a data-driven approach to validate that security initiatives are successful or to identify strategic opportunities for improvement.

Qualifications, Experience and Skills 

• Relevant qualification in computer science, cyber security, information systems, or equivalent years of experience in a related technical field
• 2+ years of experience in the field of Incident Response, detection engineering and response, security analysis or related security role
• Hands on experience:
• • Implementing and improving SIEM and SOAR platforms such as Microsoft Sentinel
  • Securing endpoints, servers and embedded/air gapped type physical devices
  • XDR/EDR tools such as Defender, CrowdStrike etc.
  • Security incident response lifecycle, processes and threat analysis
• Familiarity with cloud-based services and infrastructure – O365, EntraID etc.
• Knowledge of modern adversary tactics, techniques, and procedures (TTPs), OWASP Top 10, MITRE ATTACK Framework etc. 
• Good understanding of the OSI model, TCP/ IP networks, networking principles, security vulnerabilities, patching, and remediation workflows
• Ability to work in a multidisciplinary team, communicating effectively with engineers from non-software background
• Desirable but not necessary
• • Experience with Identity and Access Management (IAM), least privilege and zero trust approaches
  • Experience in scripting and automation using tools such as Bash, Powershell, Python etc
  • Knowledge of operating systems, file systems, or memory on Linux and Windows

Who you are

• You are continuously learning, curious and enhancing your skills. You keep up with current best practices and advancements in your areas of expertise
• You participate actively in the broader security community (meetups, blogs, talks etc.)
• You are always on the lookout for improvements and enabling best practices across the business.

Note for recruitment agencies: we do not accept floated candidates from external recruiters unless they were instructed to do so.