
Security Engineer
Gallant Collective
Southbank, VIC
Posted
Jan 5, 2026
Job Type
Remote
Work Mode
On-site
Salary
Salary negotiable
Job Description
We are seeking a highly skilled Security Engineer (Splunk / SIEM Specialist) to support the expansion of our security detection, monitoring and analytics capability. This role is ideal for a security professional with strong SIEM expertise, particularly in Splunk Cloud, and a passion for designing high-value use cases, integrating data sources, and uplifting security posture through automation and analytics.
Working closely with project managers, architects and cross-functional security teams, the Security Engineer will take ownership of developing use cases, managing log sources, creating parsers, delivering integrations, and producing best-practice documentation. This role plays a key part in enabling advanced detection strategies, actionable reporting, and modernised security automation across the organisation.
Key Responsibilities
- Collaborate with project managers and technical teams to define and articulate value-added security use cases
- Administer and manage Splunk Cloud environments and data sources, including:
  - HEC (HTTP Event Collector)
  - Syslog-based (rsyslog / syslog-ng) forwarders
  - Ingestion pipelines
- Develop and document best-practice techniques, architecture diagrams, templates, and processes to uplift team capability
- Provide expert guidance on log structure, custom ingestion, parser creation, parser validation and use case mapping
- Train stakeholders and skill groups on dashboards, reporting capabilities and value-driven analytical outcomes
- Write, review and maintain knowledge-base documentation to support ongoing operations
- Design and implement integrations between security toolsets to automate discovery, alerting, and remediation workflows
- Deploy open-source and commercial tools to strengthen monitoring, detection and overall security capability
- Create custom Splunk parsers, dashboards, reports, and deliver integration activities as required
Mandatory Qualifications & Experience
- Minimum 5 years of security operations management experience, including:
  - At least 2 years of hands-on Splunk SIEM experience (with relevant Splunk SIEM training)
  - At least 1 year of experience with Splunk or Azure Security Centre (with formal training)
- Strong written, verbal and interpersonal communication skills
Preferred Qualifications & Experience
- Bachelor’s degree in a relevant field plus two or more cybersecurity certifications
- Experience with scripting languages such as:
  - PowerShell
  - Python
  - Node.js
  - Perl
- Technical certifications, for example:
  - CEH
  - Splunk Enterprise Security Certified Admin / Splunk Cloud Certified Admin
  - MCSE (Azure Security Centre)
  - CISSP
  - CCNA
  - MCSE
What This Role Offers
- The opportunity to shape and uplift SIEM capability across a large-scale environment
- Ownership of designing high-value detection and reporting outcomes
- Exposure to modern security automation, integration and engineering practices
- A 12-month fixed-term contract with stable full-time hours (8am–5pm IST)