Cyber Security Engineer - Security Operations

Our Opportunity

Work Location: Perth CBD, Western Australia.  Fortescue’s Perth office is located on the traditional lands of the Whadjuk people.

Roster:  Monday to Friday (5D/2R).

** This role is initially an 8 month Fixed Term Contract, essentially until 30/06/2026, with a view to extend.  **

We are seeking a highly skilled and motivated Cyber Security Engineer - Security Operations to join our dynamic and fast-paced cyber security team. As a Cyber Security Engineer, you will play a crucial role in safeguarding Fortescue's digital assets and infrastructure from cyber threats and ensuring a swift and effective response to security incidents. Your primary responsibility will be to help strengthen our security posture. This role will focus on enhancing our event collection framework, formalizing cloud security processes, and providing L3 escalation support for alerts from our SOC team.

Key Responsibilities

• Review and optimize the Event Collection Framework in Microsoft Sentinel to ensure comprehensive and efficient event collection.
• Develop and formalize processes for handling cloud security posture alerts, ensuring timely and effective responses.
• Act as a Level 3 escalation point for alerts generated by the Security Operations Centre (SOC), providing expertise and resolution for complex security incidents.
• Collaborate with cross-functional teams to ensure continuous improvement of security practices and incident handling.
• Lead and coordinate incident response efforts to contain, mitigate, and eradicate cyber security incidents.
• Implement predefined incident response procedures and develop new response strategies as required.
• Work closely with IT teams to isolate affected systems and prevent further propagation of threats.
• Conduct forensic investigations to identify the root cause of incidents and gather evidence for potential legal actions.
• Incident Detection and Analysis:
• Monitor security alerts and logs from various security tools and systems to identify potential security incidents.
• Conduct in-depth analysis of security events and incidents to determine the scope, impact, and severity.
• Collaborate with the security operations team to fine-tune detection rules and improve incident analysis.
• Proactively hunt for signs of advanced threats, potential vulnerabilities, or suspicious activities in the network.
• Stay updated with the latest cyber threats and attack vectors to enhance Fortescue's security posture.
• Utilise threat intelligence sources and tools to identify emerging threats and implement necessary countermeasures.

Qualifications And Experience

• Proven experience with Microsoft Sentinel and security event collection frameworks.
• Hands-on experience with cloud security posture management (e.g., AWS, Azure, GCP).
• Strong background in security monitoring, alerting systems, and incident management.
• Experience acting as an escalation point for complex security alerts and incidents.
• Familiarity with SOC operations and the ability to collaborate with cross-functional teams to resolve security issues.
• Solid understanding of network security, threat detection, and vulnerability management.
• Experience in developing and formalizing security processes and incident response procedures.
• Strong knowledge of cyber security principles, protocols, and technologies.
• Familiarity with various security tools such as SIEM, EDR, forensic analysis tools, memory analysis tools, threat intelligence feeds and SOAR platforms.
• Hands-on experience with incident response frameworks (e.g., NIST CSF, MITRE ATT&CK).
• Excellent problem-solving skills and the ability to work under pressure during critical incidents.
• Strong communication and collaboration skills to effectively work with cross-functional teams.
• Relevant certifications like GCIH, CISSP or equivalent will be an advantage.

About Us

Be part of something big. Fortescue is leading the world with our plan to decarbonise our iron ore operations, projects that harness renewable energy and the development of technology that will change our planet forever.

Our Commitment

Fortescue celebrates individual strengths and team members are encouraged to bring their whole selves to work. Our global workforce drives and promotes an inclusive culture, both within our organisation and throughout the communities we interact with. Diverse backgrounds include First Nations Peoples, people with disabilities, LGBTQ+ community, gender, neurodiverse, cultural diversity, all age groups, and those with an intersectional or multiple diverse characteristics. We encourage candidates from all backgrounds to apply.

https://fortescue.com/careers

Internal Candidates / Current Contractors please apply via Success Factors Careers Portal. For further information on how to apply please visit the Fortescue Hub. 

Fortescue reserves the right to close applications early should a suitable pool of candidates be identified. Fortescue will never contact you to ask for payment of any kind, whether directly or through a third party.