
Cyber Detection & Automation Engineer
Job Description
Posted on: April 3, 2026
- Build a next-gen SOC where automation drives detection and response
- Hands-on cyber role turning threat intelligence into action
- Join a skilled team shaping the future of security operations
- Work flexibly @ NGM Group, Newcastle office and work from home
Purpose of the role
We’re building a next‑generation, automation‑first Security Operations Centre, and this role is central to making that real.
As a Cyber Detection & Automation Engineer, you’ll be hands‑on designing, building and tuning detection rules and automated response playbooks that improve how threats are identified and handled. This role focuses on doing the work — engineering high‑quality detections, reducing noise, and removing manual effort from day‑to‑day security operations.
You’ll work closely with senior engineers and analysts, contributing directly to a SOC capability that’s being built from the ground up rather than constrained by legacy processes.
What will your key responsibilities include?
- Design, build, test and deploy detection rules across endpoint, network, cloud and identity data sources
- Build and maintain SOAR playbooks that automate enrichment, correlation, containment and response
- Continuously tune and optimise detection rules to reduce false positives and improve signal‑to‑noise
- Translate threat intelligence and emerging risks into actionable detection logic
- Conduct hypothesis‑driven threat hunting and convert findings into production detections
- Support incident response through automated forensic collection and response actions
- Build automated detection rules for exploitation attempts against known and emerging vulnerabilities
- Contribute to SOC uplift initiatives, including automation and platform integration
- Build automated monitoring for vulnerabilities, exposure and patch compliance
- Maintain documentation for detection rules, automation and integrations
What are we looking for?
You enjoy getting stuck in, solving problems and building things that work. You’re curious by nature, comfortable learning as you go, and motivated by improving how security operations are done — not just reacting to alerts.
We’re especially keen to hear from people with:
- Demonstrated experience in SOC operations or detection engineering
- Experience writing detection rules using SIEM query languages (KQL, SPL, XQL, YARA-L)
- Experience building SOAR playbooks and automation workflows
- Understanding of security telemetry across cloud, endpoint, network, and identity
- Familiarity with MITRE ATT&CK, NIST CSF, or Essential 8 frameworks
- Scripting skills (Python, PowerShell, or similar)
- Analytical, automation-focused, and collaborative mindset
What can you expect from us?
Our benefits are designed to help you thrive — in and out of work. Think health and wellbeing support like Fitness Passport, corporate health insurance and annual flu vaccinations, plus lifestyle perks including hotel discounts and flexible work arrangements. We also back what matters most with 18 weeks paid parental leave, recognition programs, an employee referral program, and dedicated time to give back (two community volunteer days and three recreational leave days each year).
Why join us?
- Growth & opportunities – Build your capability, stretch into new challenges and shape what’s next with development support behind you.
- Culture & connection – Be part of a team that’s inclusive, down-to-earth and genuinely connected, where collaboration is how we get things done.
- Meaningful work – Do work you can feel proud of, making a real difference for customers and communities every day.
About us
As one of Australia’s largest customer-owned banks, we’re a driving force in customer-owned banking, operating under the trusted brands Greater Bank and Newcastle Permanent. With over 200 years of combined experience, we’ve helped hundreds of thousands of Australians achieve home ownership and provide a genuine alternative to the big banks—all while strengthening the communities we serve. At the heart of everything we do are our core values:
- Lead with heart – We genuinely care about achieving better outcomes for our customers and communities.
- Own the action – We build trust by doing things the right way, with honesty and transparency.
- Embrace opportunity – We look ahead, focusing on our strengths and expertise to challenge the status quo.
- Thrive together – By working as one, we create the best possible future for our customers and communities.
Join a team shaping the future of trusted banking and make a real impact where it matters most.
A note to recruitment agencies: We’ve got this role covered, so no need to get in touch! As such, we are unable to accept unsolicited CVs and will not be liable for any associated fees. Thank you for your understanding!
NGM Group is committed to delivering trusted banking to enable our customers and communities to thrive. We do this by leading with heart, doing the right things in the right way, and by maintaining high standards of ethical behaviour in everything that we do. All applicants are therefore required to undergo a skills assessment, comprehensive background check, Bankruptcy Check and a Nationally Coordinated Criminal History Check.
We are also working to reflect the vibrant communities we serve. We believe in creating an inclusive, diverse, and supportive workplace where everyone can thrive. If you require adjustments to be made during the recruitment process or would like to discuss any accessibility requirements, your Talent Acquisition Partner will be happy to engage in a confidential discussion and assist. Your unique talents and perspectives are what make us stronger.

