Cybersecurity Engineer

About the company

Triskele Labs is an independent cybersecurity MSSP based in Australia, focused on lowering the chance of cyber compromise through carefully chosen controls. All of its services are delivered onshore. The business is also the largest CREST Registered Penetration Testing provider in Melbourne and among the few cybersecurity firms operating a 24/7/365 Security Operations Team without sending analyst work offshore.

The company places strong value on building real client relationships and treats clients as partners rather than transactions.

About the role

As a Cybersecurity Engineer, you will be a key member of the Engineering team, responsible for deploying and supporting security solutions for clients while also helping maintain the organisation’s internal technology environment. The role is hands-on and suited to someone who enjoys solving difficult, unusual technical problems.

You will work with SIEM, EDR, and email security platforms, and will collaborate closely with the SOC, Advisory, and Offensive teams, as well as with clients on site. The position reports to the Head of Engineering.

Key responsibilities

• Implement SOC services at customer locations, including bespoke and non-standard setups.
• Investigate and fix complex issues in SOC environments.
• Carry out on-site security reviews and architecture assessments.
• Prepare SOC architecture diagrams for implementation and documentation.
• Administer cloud platforms such as AWS, Azure, and Microsoft 365.
• Provide escalation support for internal systems and technical issues.
• Deploy internal tools and systems to support changing operational requirements.
• Protect and maintain Triskele Labs’ infrastructure and SaaS environment.
• Share technical knowledge and help improve capability across the Engineering team.

Requirements

• Multiple years of practical experience in security engineering, SOC engineering, or infrastructure security.
• Hands-on experience implementing and managing SIEM tools such as Microsoft Sentinel or Splunk.
• Experience with EDR solutions such as Microsoft Defender for Endpoint or Rapid7 InsightIDR.
• Exposure to email security and mail gateway tools such as Mimecast or Microsoft Defender for Office 365.
• Solid working knowledge of Azure and Microsoft 365, plus familiarity with AWS.
• Strong troubleshooting ability in complex, non-standard technical environments.
• Ability to create clear architecture diagrams and technical documentation.
• Comfort working directly with clients during assessments, reviews, and deployments.

Preferred qualifications

• Microsoft SC or AZ certifications such as AZ-500 or SC-300 are highly regarded.
• CrowdStrike or Rapid7 certifications.
• AWS Administrator certification.
• Elastic or Splunk certification.
• CompTIA Security+ or CCNA.
• A tertiary qualification in a relevant discipline.

Compensation and benefits

The offered salary is AUD 90,000 to 120,000 per year, plus superannuation, based on experience.

This is a full-time role, Monday to Friday, based at the Collins Street office in Melbourne with flexible working arrangements.

You will work on challenging and interesting security problems rather than standardised deployments.

The culture is described as accountable, transparent, and supportive, with a strong no-blame approach.

Leadership is expected to be hands-on and to share responsibility with the team.

There may also be occasional travel and client-site work to add variety to the role.

Application process and conditions

Applicants must have full Australian working rights.

The hiring process includes an informal conversation, a technical interview with the Head of Engineering and a Senior Security Engineer, and a short technical assessment.

A cover letter addressed to the Head of Engineering, Joseph Suric, is mandatory. Applications submitted without a cover letter will not be considered.