Job Title

Senior Security Data Pipeline & SIEM Engineer (NV1 Required) Location: Canberra Engagement: Contract Clearance: Active NV1 Security Clearance A major program of work is underway to uplift security telemetry, log rationalisation, and SOC onboarding capabilities across a large, complex environment. Were seeking an experienced Security Data Pipeline, SIEM & Data Engineering Specialist to join the team and help deliver scalable, modern, and cost efficient security data architectures. This role is ideal for a senior engineer who thrives in high volume data environments, understands modern security logging ecosystems, and can design and optimise pipelines that support next generation SOC operations. What Youll Be Doing Designing and implementing advanced security data pipelines (Cribl, Splunk DMX, Kafka-based). Architecting and optimising Security Data Lakes (AWS Security Lake, Snowflake, Delta Lake, Microsoft Fabric). Configuring and managing SIEM platforms such as Splunk ES or Microsoft Sentinel. Developing log rationalisation, enrichment, suppression, and parsing strategies. Building scalable ingestion frameworks, schema management, and ETL/ELT processes. Enabling federated search and cross platform analytics across SIEM and data lake environments. Supporting SOC onboarding, including SOAR, threat intel, and case management integrations. Conducting performance benchmarking, readiness assessments, and architecture validation. Producing documentation, runbooks, and knowledge transfer materials. What You Bring Active NV1 Security Clearance (essential). 5+ years in security engineering, SIEM engineering, or security data platforms. Strong data engineering experience across log ingestion, transformation, and distributed systems. Hands on expertise with at least one major pipeline technology (Cribl Stream, Splunk DMX, Fluentd, Logstash). Experience with modern data lakes (AWS Security Lake, Snowflake, Delta Lake, Microsoft Fabric). Proficiency with SIEM platforms such as Splunk ES or Microsoft Sentinel. Strong scripting/automation skills (Python, SQL, PowerShell). Familiarity with cloud platforms (AWS, Azure, GCP). Experience with SOC onboarding workflows, SOAR, ticketing, and threat intelligence integrations. Excellent communication and documentation skills. We are an inclusive employer committed to fostering a diverse and accessible workplace. We encourage applications from Aboriginal and Torres Strait Islander peoples, people with disabilities, LGBTQIA+ individuals, people of all ages, and those from culturally and linguistically diverse backgrounds. #J-18808-Ljbffr