Provide initial triage and response capabilities by reviewing events, resolve or escalate them as cyber security incidents, and assist with blast radius analysis, containment, eradication, and recovery actions if co-ordinated response is r

Job details

About TAFE Queensland

TAFE Queensland is proud to be the largest and most experienced Vocational Education and Training (VET) provider in the State. For more than 140 years, TAFE Queensland has delivered practical and industry-relevant training to provide students with the skills and experience they need to build lifelong careers. Our award-winning training is delivered on campus, online, and in the workplace to give people the skills they need to enrich their communities, support their industries, and strengthen their local economies. 

By working at TAFE Queensland, you can be part of a highly experienced workforce that is closely connected with their industries and dedicated to delivering best practices and innovative training.

Your Opportunity

As the Senior Cyber Security Support Officer you will:

• Provide initial triage and response capabilities by reviewing events, resolve or escalate them as cyber security incidents, and assist with blast radius analysis, containment, eradication, and recovery actions if
  co-ordinated response is required.
• Assist in maintaining and improving TAFE Queensland’s cyber security posture by identifying areas for improvement and addressing them with automation, configuration changes, or documentation.

This position reports to the Manager, Security Operations.

This is a Permanent, Full-Time opportunity.

The position will be based primarily at Mount Gravatt, however you may be required to perform work at other TAFE Queensland campuses.  

Key Responsibilities

• Contribute to the time-sensitive detection, identification, and alerting of intrusions, anomalous and misuse activities across complex on-premise and cloud environments, and triage these events as either incidents or benign activities.
• Contribute to incident response activities, incident assessment and investigation, and reporting on cyber security breaches, ensuring identified security breaches are promptly and thoroughly investigated, including determining potential impact, performing root cause analysis and making recommendations on timely remediation.
• Support, build upon and enhance cyber security orchestration within the Microsoft and Azure security stack. This will include integrations into third-party security solutions, business applications, and other cloud or on-premise solutions.
• Perform operations and administrative activities for the security of the organisation, including event correlation, monitoring, research, assessment and analysis using enterprise security tools (SIEM, mail gateways, EDR/antivirus, and other cloud-based systems).
• Contribute to proactive threat hunting activities; threat hunting activities, analysing, and responding to current, emerging and organisation-specific threats based on private and public threat feeds or reports.
• Support the identification, escalation, and resolution of gaps in visibility, intelligence and technology that could improve the efficiency or efficacy of the Cyber Security services.
• Improving upon existing documentation or creating documentation where required.
• Responsible handling of potentially sensitive information.
• Be the initial escalation point for other TAFE Queensland teams for any cyber security related queries. This includes security related technical discussions with other ICT teams, or non-technical discussions with other business units.
• Organise, liaise, and support the delivery of TAFE Queensland’s penetration testing function including application testing and purple team scenarios.
• Contribute to the success of transformation and cultural change through promoting and modelling the values of Safety First, Working Together, Focusing on our Customer, Taking Responsibility and Showing Initiative.

How you will be assessed

The ideal applicant will be someone who has the following key capabilities:

• Demonstrated knowledge across various ICT systems and concepts such as basic networking, Identity and Access Management, Software and Application Management, Microsoft 365, Entra ID, Windows Operating Systems, and Unix Operating Systems.
• Demonstrated experience working within a cyber security role involving the security monitoring of Microsoft Azure and Office 365 cloud-based environments.
• Demonstrated experience in the Kusto Query Language or equivalent, and scripting language such as PowerShell or python in the context of automating tasks.
• Demonstrated experience in building on capabilities in next generation SIEM/SOAR solutions and have a clear vision and understanding of security orchestration.
• Strong written and verbal communication skills, with the proven ability to engage effectively at all levels of an organisation, including the ability to work effectively alongside outsourced delivery partners.
• Demonstrated ability to live and promote a strong ICT team culture that values the contributions of all team members, is honest and considerate, and through that is an active participant in building and maintaining
  a highly respected high-performance team.

Highly desirable requirements

• Working knowledge of the importance of timely Cyber Security actions to address attacks. 
• Knowledge of the various functions, common toolsets, and their purposes within a Security Operations. 
• Knowledge of Microsoft Sentinel, Exchange Online Protection and Microsoft Defender for Endpoint is desirable.
• Industry knowledge of current risks, threats and systemic issues that organisations face, and what causes them.
• Possession of industry acknowledged Security certifications is valued, such as Microsoft SC-200, MS-500, AZ-500. 

How to apply

If you’re interested in this role, click the ‘Apply’ button to submit your application via the TAFE Queensland Recruitment Portal.  When submitting your application, please ensure you provide the following:

• a detailed resume including the contact details for two referees (one of whom is your current supervisor); and
• a cover letter (maximum 2 pages) that outlines your experience, skills and abilities and responds to the ‘How you will be assessed’ criteria.
• Applications must be submitted via TAFE Queensland’s recruitment portal.

Closing date: 11:59PM,  Sunday 31 May 2026.

Job Reference Number: TQ2026-428 

For further information, please contact:

Chris Said, Manager, Security Operations

Chris.Said@tafeqld.edu.au

Further information

We are committed to building inclusive cultures in the Queensland public sector that respect and promote human rights and diversity.

Documents

Before applying for this vacancy please ensure you read the documents below.

• No File Attached