Cyber Security Engineer (Microsoft Lead)

At Centorrino Technologies (CT), we’re more than just tech-we’re a community that goes beyond expectations. We’ve been recognised as a Great Place to Work in 2024-2025 and one of the Best Places to Work Medium Size in Australia for 2024, with an outstanding eNPS score of 68. And we’re not stopping there. We're on a mission to redefine the customer experience, and we need a passionate Cyber Security Engineer to join our team in Melbourne or Perth.

Our Security Engineers act as a technical escalation point for the Security Analysts within their team.  They ensure incidents are analysed thoroughly, detections are tuned effectively, and the SIEM platform remains reliable, automated, and aligned to best practice. The position does not include direct people management, but requires strong technical leadership, mentoring, and an ability to guide others through complex investigative and engineering tasks.  

Everyone at CT lives by the CT values, and contributes to the success of the business by respecting their fellow team members, giving each other support and advice, and by contributing to the overall customer experience by working together to achieve the right outcomes. 

What You'll Do:

• Serve as the technical lead for Microsoft Sentinel, owning the design, evolution and effectiveness of detection, correlation and visibility across customer environments.
• Design, build and continuously refine analytics rules, correlation logic and workbooks to reduce noise and surface high-value, actionable alerts.
• Lead advanced security investigations across identity, endpoint, network, cloud and threat intelligence data, acting as the escalation point for complex incidents.
• Provide clear, pragmatic guidance on containment and remediation, enabling fast and confident response.
• Proactively identify and drive automation and SOAR opportunities to reduce response times and analyst effort across security operations.
• Ensure detection coverage aligns with MITRE ATT&CK, Essential Eight, Microsoft best practice and customer security requirements.
• Validate and quality-check incident analysis produced by junior and mid-level analysts to ensure consistent, high-quality outcomes.
• Coach and mentor analysts and engineers, lifting investigation capability and promoting best practice across the team.
• Develop and maintain clear, practical documentation covering procedures, configuration baselines and operational standards.
• Produce custom dashboards, workbooks and visualisations to improve situational awareness and security insight.
• Support architects and consulting engineers with technical input for new Sentinel deployments and improvements to existing environments.
• Contribute to regular reporting on incident trends, tuning activity, automation maturity and platform health, while consistently demonstrating CT values and complying with CT policies.

What You'll Bring:

• Have a NV1 security clearance, or is an Australian Citizen capable of NV1 clearance. 
• Extensive experience running Microsoft Sentinel in an MSP or SOC environment. 

• Strong proficiency in Kusto Query Language (KQL) for analytics rules, workbooks, hunting queries and troubleshooting. 

• Experience in creating SIEM playbooks and automation workflows 

• Experience presenting reports and issues to management. 

• A positive mindset with a ‘can do’ attitude. 

• Good verbal and written communication skills 

• Proven attention to detail 

• Deep understanding of Microsoft Defender XDR products and their integration with Sentinel. 

• Strong knowledge of Azure AD / Entra ID, Azure security services, and on-premises log-source integration. 

• Strong ability to lead technical escalations and support less experienced analysts. 

Why You'll Love Working Here:

Our company is more than just a workplace, it's a hub of inspiration and creativity where employees love to work! Here's why:

• Extensive training and development opportunities that enable continual growth as part of your career planning.
• Extensive discounts and benefits to maximise your money.
• A choice of your IT equipment to maximise your success and access to cost-price tech for your personal needs.
• Fun team events to celebrate achievements and connect with colleagues outside work as part of our engaging culture.

CT celebrates diversity and enables every voice to be heard as we drive to create the world we want. Apply today and be part of a team that values innovation, inclusivity, variety and diverse backgrounds.

Note: A valid Vulnerable People / Working with Children Check (WWCC) and Police Check are required.