security operations engineer.

In this role, you’ll support day-to-day cyber security operations and act as an escalation point for complex security incidents. Your responsibilities will include:

Security Monitoring & Incident Response

• Monitor SIEM, EDR, identity protection, and cloud security alerts.

• Conduct first and second-level triage and differentiate true vs. false positives.

• Support containment, eradication, and recovery activities.

• Maintain incident response playbooks, evidence logs, and documentation.

• Coordinate investigations with internal teams and MSSPs.

• Assist with post-incident reviews, root-cause analysis, and reporting.

Security Operations & Tooling Support

• Maintain operational health of tools such as SIEM, EDR, email security, endpoint controls, and vulnerability scanners.

• Assist with configuration, optimisation, and basic admin tasks.

• Perform routine operational tasks including log reviews and daily checks.

• Maintain security procedures, guides, and inventories.

• Work with IT teams to embed secure practices throughout operational workflows.

Vulnerability & Risk Management

• Run scheduled scans across infrastructure, cloud, and endpoints.

• Analyse and prioritise vulnerabilities using CVSS, threat intel, and business context.

• Coordinate remediation with system owners and track progress.

• Prepare vulnerability metrics and reporting for governance stakeholders.

• Support risk assessments and implementation of mitigating controls.

Compliance, Governance & Policy

• Support internal and external audits, including evidence collection.

• Assist with compliance activities aligned to ISO 27001, NIST CSF, Essential Eight, and privacy legislation.

• Help maintain and update security policies, standards, and procedures.

• Contribute to ongoing maturity and control effectiveness improvement initiatives.

Security Awareness & Stakeholder Engagement

• Assist in delivering security awareness training and uplift initiatives.

• Provide cyber security guidance to teams across the business.

• Build strong working relationships with internal stakeholders, vendors, and MSSPs.

Experience

• Minimum 5 years’ experience in Cyber Security, Security Operations, or IT Operations with significant security exposure.

• Hands-on experience with SIEM/EDR triage, incident escalation, containment support, and documentation.

• Proven capability in vulnerability scanning, prioritisation, remediation coordination, and reporting.

• Experience with enterprise security platforms (SIEM, EDR, identity protection tools, cloud security controls, email gateways).

Education & Certifications

• Bachelor’s Degree in Cybersecurity, IT, Computer Science, or related discipline (preferred).

• Certifications such as Security+, CySA+, SC-200, GSEC, GCIA, or GCIH are highly regarded.

Technical & Soft Skills

• Familiarity with ISO 27001, NIST CSF, and Essential Eight frameworks.

• Experience working in Azure/M365 environments (AWS/GCP beneficial).

• Strong documentation and communication skills.

• Ability to work methodically, follow procedures, and manage competing priorities.

• Experience working with MSSPs and external partners.

You’ll be part of a modern, well-supported environment with access to:

• Team member discounts across well-known retail brands.

• Professional development and career-growth opportunities.

• Novated leasing options.

• Employee Assistance Program for you and your family.

• A contemporary workspace with an outdoor terrace, onsite gym, and end-of-trip facilities.

At Randstad Digital, we are passionate about providing equal employment opportunities and embracing diversity to the benefit of all. We actively encourage applications from any background.