Security Data Senior Consultant

Senior Security Data Pipeline & SIEM Engineer (NV1 Required) Location:

Canberra

Engagement:

Contract

Clearance:

Active NV1 Security Clearance

A major program of work is underway to uplift security telemetry, log rationalisation, and SOC onboarding capabilities across a large, complex environment. We’re seeking an experienced

Security Data Pipeline, SIEM & Data Engineering Specialist

to join the team and help deliver scalable, modern, and cost efficient security data architectures.

This role is ideal for a senior engineer who thrives in high volume data environments, understands modern security logging ecosystems, and can design and optimise pipelines that support next generation SOC operations.

What You’ll Be Doing

Designing and implementing advanced security data pipelines (Cribl, Splunk DMX, Kafka-based).

Architecting and optimising Security Data Lakes (AWS Security Lake, Snowflake, Delta Lake, Microsoft Fabric).

Configuring and managing SIEM platforms such as Splunk ES or Microsoft Sentinel.

Developing log rationalisation, enrichment, suppression, and parsing strategies.

Building scalable ingestion frameworks, schema management, and ETL/ELT processes.

Enabling federated search and cross platform analytics across SIEM and data lake environments.

Supporting SOC onboarding, including SOAR, threat intel, and case management integrations.

Conducting performance benchmarking, readiness assessments, and architecture validation.

Producing documentation, runbooks, and knowledge transfer materials.

What You Bring

Active NV1 Security Clearance (essential).

5+ years in security engineering, SIEM engineering, or security data platforms.

Strong data engineering experience across log ingestion, transformation, and distributed systems.

Hands on expertise with at least one major pipeline technology (Cribl Stream, Splunk DMX, Fluentd, Logstash).

Experience with modern data lakes (AWS Security Lake, Snowflake, Delta Lake, Microsoft Fabric).

Proficiency with SIEM platforms such as Splunk ES or Microsoft Sentinel.

Strong scripting/automation skills (Python, SQL, PowerShell).

Familiarity with cloud platforms (AWS, Azure, GCP).

Experience with SOC onboarding workflows, SOAR, ticketing, and threat intelligence integrations.

Excellent communication and documentation skills.

We are an inclusive employer committed to fostering a diverse and accessible workplace. We encourage applications from Aboriginal and Torres Strait Islander peoples, people with disabilities, LGBTQIA+ individuals, people of all ages, and those from culturally and linguistically diverse backgrounds.

#J-18808-Ljbffr