Triskele Labs is one of Australia's last remaining independent cybersecurity MSSPs. We help organisations reduce the risk of cyber compromise through risk-considered controls, and we do it entirely onshore.

We're the largest CREST Registered Penetration Testing company in Melbourne and one of the only cybersecurity firms running a 24x7x365 Security Operations Team without offshoring a single analyst. We build meaningful relationships with our clients — they're not invoice numbers to us.

About the role

As a Security Engineer, you'll be an integral part of our Engineering team — deploying and maintaining security solutions for clients and supporting Triskele Labs' own internal infrastructure. You'll work hands-on with SIEM, EDR, Mail Gateway platforms, and you'll be the person who finds solutions when things get complex and non-standard.

This role reports to the Head of Engineering and works closely with our SOC, Advisory, and Offensive teams, as well as directly with clients onsite

What you'll do

Deploy SOC services at client sites, including ad-hoc and non-standard configurations
Troubleshoot and resolve complex technical issues in SOC environments
Conduct onsite security assessments and architecture reviews
Create SOC architecture diagrams for implementation and documentation purposes
Deploy, manage, and maintain cloud platforms including AWS, Azure, and Microsoft 365
Support internal systems by providing escalation-level technical assistance
Deploy internal tools and systems to meet evolving operational needs
Maintain and secure Triskele Labs infrastructure and SaaS systems
Drive knowledge sharing and technical uplift within the Engineering team

Requirements

What we're looking for

Essential skills and experience

Several years' hands-on experience in a security engineering, SOC engineering, or infrastructure security role
Practical experience deploying and administering SIEM platforms (e.g. Microsoft Sentinel, Splunk)
Hands-on EDR experience (e.g. Microsoft Defender for Endpoint, Rapid7 InsightIDR)
Email security / mail gateway experience (e.g. Mimecast, Microsoft Defender for Office 365)
Strong cloud skills across Azure and Microsoft 365, with working knowledge of AWS
A genuine knack for troubleshooting complex, non-standard environments end to end
The ability to produce clear architecture diagrams and technical documentation
Confidence working directly with clients — running onsite assessments, reviews, and deployments

Preferred certifications (not mandatory)

Microsoft SC or AZ suite certifications such as AZ-500 or SC-300 (highly regarded)
CrowdStrike or Rapid7 certifications
AWS Administrator certification
Elastic or Splunk certification
CompTIA Security+ or CCNA
Tertiary qualification in a related field

Why Triskele Labs

Competitive salary: $90,000–$120,000 + superannuation, depending on experience
Full-time, Monday–Friday based at our Collins Street Melbourne office with flexible working arrangements
Work with genuinely interesting, complex security problems — not cookie-cutter deployments
A culture built on accountability, honesty, and backing each other — no politics, no blame culture
Leaders who lead from the front and take responsibility alongside their team
Occasional travel and client-site work to keep things varied

How to apply

Full Australian working rights are required for this role.

The interview process is straightforward: an informal chat, followed by a technical interview with the Head of Engineering and a Senior Security Engineer, and a short technical assessment.

Applicant must include a cover letter addressed to our Head of Engineering, Joseph Suric. Applications without a cover letter will not be considered.

Benefits

Cybersecurity Engineer