Melbourne Security Job Listings

Security Operations Centre Engineer63393867029123110

Workable

Security Operations Centre Engineer

Triskele Labs are one of the leading providers of cybersecurity services in Australia. We assist clients to reduce their risk of a cyber compromise through the delivery of risk-considered controls. Triskele Labs are one of the last remaining boutiques in Australia. We are currently the largest CREST Registered Penetration Testing company in Melbourne and one of the only boutiques to run a 24x7x365 Security Operations Team completely onshore. This role sits within Triskele Labs’ Managed Detection and Response (MDR) team and acts as a technical first point of contact for client-side tooling and integration issues. While not a traditional security analyst role, it directly supports the effectiveness of our MDR service by resolving break/fix issues, supporting event source health and onboarding, and handling tool-centric troubleshooting before escalating internally. The engineer will primarily support log source onboarding and health, agent installation and monitoring issues, connection failures, platform errors, and other Tier 1–2 technical queries across SIEM, EDR, and cloud-native tooling used by clients. Requirements Client-Facing Support & Issue Resolution Troubleshoot and resolve client-side issues related to SIEM log ingestion, event source connectivity, and agent health (e.g., Elastic Agent, CrowdStrike, Rapid7, Microsoft Sentinel connectors). Guide clients on log source setup, supported formats, and collection methods including syslog, API-based ingestion, and agent deployment. Investigate and respond to common alerts such as “source offline” or “no logs received in X hours.” Serve as a technical liaison between client IT teams and internal SOC personnel, ensuring clear and effective communication. Tooling & Platform Support Diagnose and resolve errors within operational platforms, including Elastic/Kibana dashboards, TheHive case assignments, and Shuffle automation workflows. Monitor service health dashboards and proactively follow up with clients regarding degraded or failing sources. Escalate complex technical issues to Detection Engineering, Level 3 Engineers, or DevOps after initial triage and basic troubleshooting. Operational Efficiency & Documentation Maintain internal knowledge base (KB) with resolutions and known fixes to support faster issue handling. Identify patterns in recurring issues and recommend process improvements or automation opportunities to enhance platform reliability and efficiency. Preferred Experience Professional Background: Experience in Tier 2–3 IT Helpdesk, MSP technician, or IT systems administration with a support-focused role. Technical Skills: Familiar with SIEM platforms, endpoint agents (e.g., Elastic Agent, Sentinel), basic networking, and system logging. Tooling Experience: Proficient with RMM tools, ticketing systems, endpoint agents, and Windows/Linux environments. Security Awareness: Understands the importance of telemetry and the role of log sources in threat detection workflows. Soft Skills: Strong communicator with the ability to work confidently with both clients and internal teams. Scripting/automation skills (e.g., PowerShell, Bash) Familiarity with basic API usage Experience working with Microsoft 365 and Azure AD logs Application Process A cover letter addressed to Brad Morgan, Head of Managed Services, is mandatory for this role. You will not be considered if this is not included. Benefits Team culture is everything to Triskele Labs and it is the reason we exist. We are a forward-thinking company and always looking for ways to boost our team culture to ensure we are a destination employer. We continually undertake surveys to seek feedback from our team on ways we can improve our work environment and team member experience at Triskele Labs. We provide our team a great range of additional benefits such as: Collaborate closely with industry executives and gain insights from top industry leaders. Cutting edge Tech Stack. Help influence the SOC's direction while advancing your own career. Enjoy a brand-new office located in the heart of Melbourne CBD. Frequent events organised by our People & Culture Team. Working Arrangements: The role is full time, Monday to Friday in our Collins St Melbourne Office, with flexible working arrangements.

Melbourne VIC, Australia

Negotiable Salary

Head of Cybersecurity GRC63393853246594111

Workable

Head of Cybersecurity GRC

At Triskele Labs, we believe cybersecurity should be built on practical experience, not just theory. We work with organisations to improve their cyber maturity through realistic, evidence-based advisory services that align with risk, regulation, and business priorities. We are now seeking a Head of Cybersecurity GRC to lead and grow our Governance, Risk and Compliance team. This is a senior leadership role with end-to-end ownership of people, process, pipeline, and profit across our GRC services. It is ideal for someone who thrives on team leadership, service design, commercial performance, and delivering trusted advice at the executive and board level. This role is hybrid, requiring at least two days per week in our Melbourne office. It will involve occasional on-site time with key clients and regular interaction with Triskele Labs’ broader leadership team. About the Role As the Head of Cybersecurity GRC, you will be responsible for leading the day-to-day operations and strategic direction of the GRC practice. You will manage a team of consultants across multiple levels, ensuring high quality, consistent delivery, while also owning commercial targets and forecasting. This role is approximately 80 percent focused on management and leadership, with 20 percent delivery involvement in key or complex client engagements. You will be accountable for overseeing GRC projects, managing team utilisation, contributing to presales and proposals, driving service innovation, and representing the practice in client forums and internal leadership meetings. Requirements We are looking for a proven leader with strong GRC domain experience, a passion for high-quality delivery, and the ability to grow and mentor a high-performing team. You will be commercially minded, comfortable managing business performance, and experienced in engaging directly with C-level stakeholders and boards. You will be successful in this role if you have: Significant experience in cybersecurity GRC, including team leadership and consulting delivery Deep knowledge of frameworks such as ISO 27001, NIST CSF, and the Essential Eight, with the ability to translate them into practical outcomes Prior experience managing a consulting P&L, including forecasting, utilisation, and performance tracking Demonstrated ability to build and lead a team, implement scalable processes, and maintain a high standard of delivery Strong commercial acumen and the ability to scope, price, and deliver services that meet client expectations Exceptional stakeholder engagement skills, particularly with executive leadership and board members A mindset focused on continuous improvement, client success, and team development The ability to balance strategic thinking with hands-on support where required Key Responsibilities Lead and manage the GRC consulting team, including performance management, mentoring, career development, and capacity planning Own the operational delivery of GRC services including ISO 27001, risk assessments, ISMS programs, cyber maturity reviews, board reporting and security governance frameworks Develop and manage team processes and service delivery standards to ensure consistency, quality, and scalability Maintain visibility of ongoing project work, stepping into client engagements where needed to support delivery or act as an escalation point Attend and present at board meetings, risk committees, and senior stakeholder forums, translating cyber risk into business terms Take ownership of forecasting, pipeline management, team utilisation, and P&L performance for the GRC practice Scope and price engagements in collaboration with the sales team, ensuring a balance between client value and delivery feasibility Support pre-sales activities including proposals, discovery sessions, and presentations to prospective clients Contribute to service development and strategic planning as part of the Triskele Labs senior leadership group Collaborate closely with leaders across Detection and Response, Offensive Security, and Incident Response to deliver integrated, high-value outcomes for clients Sit on the Triskele Labs Leadership Team to own overall strategic direction of the GRC team Benefits Why Join Triskele Labs Triskele Labs is a leading Australian cybersecurity provider offering services across Advisory, Offensive Security, Managed Detection and Response, and Digital Forensics. We work with clients who value expertise, transparency, and outcomes over buzzwords and checklists. This is a rare opportunity to take full ownership of a growing GRC function within a highly respected security consultancy. You will have the backing of an experienced executive team, the ability to shape your practice, and the support to build a team around your vision. If you’re looking to lead a GRC function with real impact, visibility, and autonomy, we’d love to hear from you. Please include a cover letter addressed to Rob Barry, Chief Operations Officer with your application, as applications without a cover letter will not be considered. Working Arrangements: The role is full time, Monday to Friday in our Collins St Melbourne Office, with Hybrid working arrangements.

Melbourne VIC, Australia

Negotiable Salary

Level 1 Security Analyst63393847416193112

Workable

Level 1 Security Analyst

About the company Triskele Labs are one of the leading providers of cybersecurity services in Australia. We assist clients to reduce their risk of a cyber compromise through the delivery of risk-considered controls. Triskele Labs are one of the last remaining boutiques in Australia. We are currently the largest CREST Registered Penetration Testing company in Melbourne and one of the only boutiques to run a 24x7x365 Security Operations Team completely onshore. About the role As a level 1 Security Analyst at Triskele Labs, you will be an integral part of our Security Operations Centre (SOC), dedicated to protecting our clients' assets and providing effective incident response. Working on a rotating shift roster, you will play a crucial role in monitoring and responding to security events, ensuring the continued security posture of our clients. Your expertise, attention to detail, and ability to work in a dynamic environment will contribute to maintaining Triskele Labs' reputation as a trusted cybersecurity partner. The Level 1 Security Analyst works as a member of the DefenceShield managed services team, liaising primarily with other Security Analysts, technical and operational team leads and consultants, project coordinators, penetration testers and clients. The Triskele Labs SOC monitors and responds to threats and incidents across our manages services client base on a 24x7x365 basis. Requirements Role Responsibilities Specific activities, duties and deliverables include but are not limited to the following: Monitor, triage, prioritise, and escalate alerts and incidents, ensuring timely detection and response. Configure and manage security monitoring tools, adhering to change control processes and escalating as required. Meet individual and team KPIs while actively identifying tuning opportunities to improve detection accuracy. Respond to phishing emails, service desk tickets, and hotline calls with prompt, professional resolution or escalation. Conduct daily client environment health checks and Dark Web monitoring for threats and indicators of compromise. Prepare, review, and deliver weekly/monthly client reports, including supporting evidence and addressing follow-up queries. Continuously develop skills through formal training and complete at least one BTLO challenge per month. Collaborate with SOC peers, lead or attend shift handovers, and contribute to process/SOP improvements across the board. About you Analytical Thinking: Strong analytical skills with the ability to quickly assess and prioritize security events and incidents. Capable of analyzing logs, identifying anomalies, and recognizing potential security threats. Communication Skills: Excellent written and verbal communication skills. Ability to convey complex technical information to both technical and non-technical stakeholders effectively. Team Player: Capable of working collaboratively in a team-oriented environment, interacting with colleagues at all levels. Ability to support and back up colleagues during high-pressure situations. Flexibility and Adaptability: Willingness to work on a rotating shift roster, including nights, weekends, and holidays. Adaptability to changing priorities, emerging threats, and new technologies. Willingness to dive into unknown areas of knowledge and learning and to discover methods (such as practical labs or online resources) to acquire this knowledge. Capability to go the extra mile for customers to deliver on their needs. Understanding of other cultures and beliefs systems to function as part of a team. Benefits At Triskele Labs, you’ll join a supportive SOC team that values quality work and continuous growth. From day one, you’ll be mentored by experienced analysts and involved in real-time monitoring, triage, and incident response across a variety of client environments. We’re committed to your development, offering structured training, exposure to a broad tech stack, and opportunities to progress into more senior SOC roles. This is an ideal starting point for building a long-term cybersecurity career in a fast-paced, hands-on environment. If you are early in your cyber career but ready to take the next step, we want to hear from you. Please apply and ensure to include a cover letter addressed to Brad Morgan, Head of Operations in your application. Applicants without a cover letter will not be considered. Working Arrangements The role operates on a 24/7 rotating roster and requires on-site attendance at our Melbourne office.

Melbourne VIC, Australia

Negotiable Salary

Cybersecurity GRC Consultant63393845286787113

Workable

Cybersecurity GRC Consultant

Triskele Labs are one of the leading providers of cybersecurity services in Australia. We assist clients to reduce their risk of a cyber compromise through the delivery of risk-considered controls. Triskele Labs are one of the last remaining boutiques in Australia. We are currently the largest CREST Registered Penetration Testing company in Melbourne and one of the only boutiques to run a 24x7x365 Security Operations Team completely onshore. Are you looking to work in cybersecurity consulting where real impact matters more than ticking boxes? Triskele Labs is seeking a Cybersecurity GRC Consultant to join our growing Advisory team in Melbourne. In this hybrid client-facing role, you’ll work across industries to deliver clear, practical security assessments that help organisations meaningfully reduce risk. You’ll support implementation and uplift efforts aligned to frameworks like ISO 27001, NIST CSF, and the Essential Eight, working closely with both technical and non-technical stakeholders to drive change where it matters most. We’re looking for someone who brings both security expertise and a questioning mindset — someone who is comfortable challenging assumptions, validating controls, and helping our clients cut through complexity. You’ll also have the opportunity to collaborate with other internal teams across offensive security, DFIR, and detection and response. If you want to grow your GRC career in a role where the work is valued, varied, and grounded in the real world, this could be the perfect fit. Requirements Key Responsibilities Conduct cybersecurity risk assessments aligned to ISO 27001, NIST CSF, Essential Eight and related frameworks Perform gap assessments and control maturity reviews for regulatory, compliance, and best-practice purposes Support the development and implementation of Information Security Management Systems (ISMS) Create board and executive-level reporting to communicate cyber risks and prioritise remediation Facilitate workshops and lead conversations with stakeholders across technical and business functions Work closely with internal experts in SOC, red teaming, and DFIR to ground recommendations in operational realities Build lasting relationships with clients and support them throughout their cyber maturity journey Experience & Skills 2–4 years of experience in cybersecurity GRC, ideally across multiple sectors or clients Practical knowledge of ISO 27001, NIST CSF, and Essential Eight Experience conducting risk assessments and drafting core security documentation (e.g., risk registers, policies, reports) Strong communication and engagement skills with business and technical audiences A proactive, consultative approach to understanding and validating control environments Technical awareness of security operations and engineering concepts Willingness to learn, take initiative, and own deliverables in a collaborative team setting Certifications Required: ISO 27001 Lead Implementor or Auditor One or more of the following: CISSP, CISM, CISA (or working towards) Preferred: SABSA or CRISC ITIL Foundations Additional governance or cloud-related security certifications What We Look For Excellent written and verbal communication Strong attention to detail and structured thinking Ability to balance autonomy with teamwork in a fast-paced environment A genuine interest in helping organisations improve their security maturity Client-first mindset with professional integrity KPI's Timely, high-quality delivery of client engagements Positive stakeholder feedback and repeat client engagements Development and contribution to internal documentation and toolkits 75–80% billable utilisation Active engagement in professional development Reporting Line Reports to: Senior GRC Consultant Works with: Advisory team, technical practices, and clients Benefits Team culture is everything to Triskele Labs and it is the reason we exist. We are a forward-thinking company and always looking for ways to boost our team culture to ensure we are a destination employer. We continually undertake surveys to seek feedback from our team on ways we can improve our work environment and team member experience at Triskele Labs. We provide our team a great range of additional benefits such as: Hybrid Flexibility: Work two days per week from our Melbourne CBD office, and remotely the rest of the week (subject to client needs) Varied Client Engagements: Collaborate with organisations of all sizes, across industries and maturity levels Career Development: Access ongoing mentorship, structured training pathways, and certification support Real-World Cybersecurity Exposure: Collaborate with our internal red team, SOC, and incident response units to deepen your practical understanding People & Culture: Participate in team events, offsites, and connection initiatives run by our dedicated People & Culture team If you’ve made it this far, there’s a good chance you’re who we’re looking for! At Triskele Labs, we value initiative and attention to detail—so please include a cover letter addressed to Rob Barry, Chief Operating Officer, with your application. Applications without a cover letter will not be progressed. Working Arrangements The role is full time, Monday to Friday in our Collins St Melbourne office, with hybrid working arrangements: two days in-office, three days remote (client needs may vary). Occasional interstate travel may be required.

Melbourne VIC, Australia

Negotiable Salary

Senior Cybersecurity GRC Consultant63499843427587114

Workable

Senior Cybersecurity GRC Consultant

Triskele Labs are one of the leading providers of cybersecurity services in Australia. We assist clients to reduce their risk of a cyber compromise through the delivery of risk-considered controls. Triskele Labs are one of the last remaining boutiques in Australia. We are currently the largest CREST Registered Penetration Testing company in Melbourne and one of the only boutiques to run a 24x7x365 Security Operations Team completely onshore. Are you passionate about helping organisations improve their cybersecurity in a practical, meaningful way? Triskele Labs is looking for a Senior GRC Consultant to lead client engagements focused on Governance, Risk and Compliance (GRC). In this client-facing role, you’ll work across a range of industries, delivering expert advice, conducting assessments, and supporting implementation of frameworks like CPS 234, NIST CSF, PCI DSS, and ISO 27001. A solid technical understanding of the controls behind these standards is essential. You’ll also guide project delivery, mentor team members, and contribute to the growth of our GRC practice. Acting as a trusted advisor to both technical teams and executives, you’ll help bridge the gap between cybersecurity best practices and real-world business needs. If you’re looking for a role where your expertise is valued and your work has real impact, this could be a perfect fit. Requirements Key Responsibilities Lead GRC consulting projects (e.g., ISO 27001, NIST CSF, CPS 234, PCI DSS) Develop and review cybersecurity policies, procedures, and controls Perform risk assessments, maturity reviews, and roadmap development Advise on control design and implementation Conduct technical audits and third-party risk assessments Prepare board-level reports and client-ready documentation Mentor junior consultants and contribute to practice growth Deliver client work on-site as needed Experience & Skills 5+ years in information security, 3+ in GRC consulting Experience with ISO 27001, NIST CSF, CPS 234, PCI DSS Background in technical roles (e.g., help desk, sysadmin) Strong stakeholder communication and engagement skills Knowledge of cloud security (AWS, Azure, GCP) Experience with PCI-DSS/QSA or third-party risk is a plus Certifications Required: CISSP CISM or CISA SABSA ISO 27001 Lead Implementor Preferred: PCI QSA ITIL Foundations What We Look For Excellent written/verbal communication Strong problem-solving and analytical thinking Ability to manage multiple engagements Team-first mindset with autonomy in a fast-paced environment KPIs Timely, high-quality client delivery Positive client and stakeholder feedback Contribution to documentation and thought leadership 80% billable utilisation Active professional development Reporting Line Reports to: GRC Practice Lead or Head of Advisory Works with: PMs, technical teams, and clients Benefits Team culture is everything to Triskele Labs and it is the reason we exist. We are a forward-thinking company and always looking for ways to boost our team culture to ensure we are a destination employer. We continually undertake surveys to seek feedback from our team on ways we can improve our work environment and team member experience at Triskele Labs. We provide our team a great range of additional benefits such as: Hybrid Flexibility; Enjoy a balanced workweek with 3 days in-office and 2 days remote (subject to client needs). Diverse Client Projects; Work across sectors on high-impact cybersecurity engagements using top frameworks like ISO 27001, NIST CSF, CPS 234, and PCI DSS. Career Growth & Development; Access ongoing training, mentorship opportunities, and support for certifications like CISSP, CISA, and ISO 27001. Thought Leadership Opportunities; Contribute to blogs, whitepapers, and industry events to showcase your expertise. Team Culture & Connection: Enjoy regular events and activities organised by our dedicated People & Culture team. Working Arrangements: The role is full time, Monday to Friday in our Collins St Melbourne Office, with Hybrid working arrangements: 3 days in-office, 2 days remote (client needs may vary)and occasional interstate travel required. If you’ve made it this far, there’s a good chance you’re who we’re looking for! At Triskele Labs, we value initiative and attention to detail—so please include a cover letter addressed to Thomas M with your application. Applications without a cover letter will not be progressed.

Melbourne VIC, Australia

Negotiable Salary