Cybersecurity Engineer

Triskele Labs is one of Australia's last remaining independent cybersecurity MSSPs. We help organisations reduce the risk of cyber compromise through risk-considered controls, and we do it entirely onshore.

We're the largest CREST Registered Penetration Testing company in Melbourne and one of the only cybersecurity firms running a 24x7x365 Security Operations Team without offshoring a single analyst. We build meaningful relationships with our clients — they're not invoice numbers to us.

About the role

As a Security Engineer, you'll be an integral part of our Engineering team — deploying and maintaining security solutions for clients and supporting Triskele Labs' own internal infrastructure. You'll work hands-on with SIEM, EDR, Mail Gateway platforms, and you'll be the person who finds solutions when things get complex and non-standard.

This role reports to the Head of Engineering and works closely with our SOC, Advisory, and Offensive teams, as well as directly with clients onsite

What you'll do

• Deploy SOC services at client sites, including ad-hoc and non-standard configurations
• Troubleshoot and resolve complex technical issues in SOC environments
• Conduct onsite security assessments and architecture reviews
• Create SOC architecture diagrams for implementation and documentation purposes
• Deploy, manage, and maintain cloud platforms including AWS, Azure, and Microsoft 365
• Support internal systems by providing escalation-level technical assistance
• Deploy internal tools and systems to meet evolving operational needs
• Maintain and secure Triskele Labs infrastructure and SaaS systems
• Drive knowledge sharing and technical uplift within the Engineering team

What we're looking for

Essential skills and experience

• Several years' hands-on experience in a security engineering, SOC engineering, or infrastructure security role
• Practical experience deploying and administering SIEM platforms (e.g. Microsoft Sentinel, Splunk)
• Hands-on EDR experience (e.g. Microsoft Defender for Endpoint, Rapid7 InsightIDR)
• Email security / mail gateway experience (e.g. Mimecast, Microsoft Defender for Office 365)
• Strong cloud skills across Azure and Microsoft 365, with working knowledge of AWS
• A genuine knack for troubleshooting complex, non-standard environments end to end
• The ability to produce clear architecture diagrams and technical documentation
• Confidence working directly with clients — running onsite assessments, reviews, and deployments

Preferred certifications (not mandatory)

• Microsoft SC or AZ suite certifications such as AZ-500 or SC-300 (highly regarded)
• CrowdStrike or Rapid7 certifications
• AWS Administrator certification
• Elastic or Splunk certification
• CompTIA Security+ or CCNA
• Tertiary qualification in a related field

Why Triskele Labs

• Competitive salary: $90,000–$120,000 + superannuation, depending on experience
• Full-time, Monday–Friday based at our Collins Street Melbourne office with flexible working arrangements
• Work with genuinely interesting, complex security problems — not cookie-cutter deployments
• A culture built on accountability, honesty, and backing each other — no politics, no blame culture
• Leaders who lead from the front and take responsibility alongside their team
• Occasional travel and client-site work to keep things varied

How to apply

Full Australian working rights are required for this role.

The interview process is straightforward: an informal chat, followed by a technical interview with the Head of Engineering and a Senior Security Engineer, and a short technical assessment.

Applicant must include a cover letter addressed to our Head of Engineering, Joseph Suric. Applications without a cover letter will not be considered.