Senior IT Cybersecurity Engineer – Blue Team

About Teneo:

Teneo is the Global CEO Advisory firm. We partner with our clients globally to do great things for a better future. Drawing upon our global team and expansive network of Senior Advisors, we provide advisory services across our five business segments on a stand-alone or fully integrated basis to help our clients solve complex business challenges. Our clients include a significant number of the Fortune 100 and FTSE 100, as well as other corporations, financial institutions, and organisations. Our full range of advisory services includes Strategic Communications, Investor Relations, Financial Transactions and Financial Advisory, Management Consulting, Physical and Cyber Risk, Organizational Design, Board and Executive search, Geopolitics and Government Affairs, Corporate Governance, ESG, and DE&I. The firm has more than 1,800 employees located in 45 offices around the world.

Why Join Teneo’s Security Team

At Teneo, you’ll be part of a committed security team helping protect a dynamic, global consulting company. This role offers the opportunity to influence and shape our security posture, contribute to designing and building detection capabilities from the ground up, and work autonomously with support from experienced leadership.

The Role

Teneo seeks a skilled and self-sufficient Cybersecurity Engineer to join our security team in Melbourne. In this role you will focus primarily on detection engineering and blue-team operations: designing, writing and tuning detection / SIEM / XDR rules, responding to security alerts and incidents, and maintaining our security posture across cloud, network and endpoint environments. You will play a critical role in strengthening our defences, automating security processes, and enabling IT and business teams to operate securely.

What You’ll Do

• Design, develop, and maintain detection logic and rules (SIEM / XDR / log-management) to identify suspected malicious activity, anomalies, or policy violations across network, cloud, endpoint, and identity systems.
• Configure, deploy, and manage security tooling: SIEM / XDR platforms, log management, IDS/IPS/NDR, firewalls, endpoint protection, cloud-security tools, and other security infrastructure.
• Triage and investigate alerts: perform log analysis, correlate events, determine real threats, escalate or respond as needed.
• Perform vulnerability assessments, threat hunting, risk-based tuning of detection rules, and threat modelling for identified CVEs / weaknesses.
• Participate in incident response: containment, mitigation, root-cause analysis, remediation, documentation, lessons-learned, and improvement of detection strategies.
• Automate security operations where possible: develop scripts or workflows (e.g., via Python, PowerShell, Bash, SOAR integrations) to streamline monitoring, alerting, incident handling, and reporting.
• Collaborate with IT, DevOps, and business stakeholders to embed security best practices into system and network architecture, cloud infrastructure, and software deployments.
• Maintain and enforce security policies, standards, access controls, and compliance frameworks (e.g., relevant regulatory or industry standards).
• Produce clear documentation, dashboards, reports, and run-books for detection logic, incidents, and ongoing security operations.

 Basic Qualifications

• Several years (e.g., 4–7+) of professional experience in cybersecurity engineering / operations, with hands-on experience in detection, SIEM/XDR, log management, incident response, and security tool administration.
• Strong technical knowledge in network security, cloud security (e.g., AWS, Azure, or similar), endpoint security, identity and access management (IAM), firewall/IDS/IPS, and intrusion detection/prevention.
• Proven ability to author, tune and review detection rules / alerts / log-parsing logic, and to perform advanced log analysis and event correlation.
• Familiarity with scripting or automation (e.g., Python, PowerShell, Bash), for building detection logic, automating response, or managing security tool configurations.
• Solid understanding of security frameworks, best practices, and threat-detection methodologies.
• Strong analytical, problem-solving, communication, and collaboration skills — able to work independently, but also engage with IT/security stakeholders.

 Preferred Qualifications

• Experience with cloud-native security environments and multi-cloud deployments.
• Familiarity with SOAR or security automation/orchestration platforms.
• Certifications such as CISSP, CISM, CEH, or other relevant credentials.
• Prior experience in a blue-team / SOC / detection engineering / incident response role.
• Understanding of compliance, regulatory standards, and risk management best practices.