Senior Cybersecurity Engineer

Senior Cybersecurity Engineer Location: Canberra, Australian Capital Territory, Australia About KBR KBR delivers science, technology and engineering solutions to governments and companies worldwide. With approximately 38,000 employees in over 29 countries, we support critical infrastructure, energy transition and national security priorities. The Opportunity KBR is seeking an experienced and motivated Senior Cybersecurity Engineer to support current and upcoming Defence programs across the capability lifecycle. This critical leadership role involves ensuring cybersecurity principles, controls, and architectures are embedded across engineering, logistics, and project environments to maintain information assurance and compliance. Responsibilities Design, test, and develop new systems, applications, and solutions for enterprise-wide cyber systems and networks. Handle a wide range of security issues including firewalls, electronic data traffic, and network access. Analyze systems throughout the lifecycle, including concept, design, fabrication, test, installation, operation, and disposal. Apply encryption technology, perform penetration and vulnerability analysis, and conduct information technology security research. Ensure system security needs are established and maintained for operations development, security requirements definition, security risk assessment, systems analysis, systems design, security test and evaluation, certification and accreditation, systems hardening, vulnerability testing and scanning, incident response, disaster recovery, and business continuity planning. Provide analytical support for security policy development and analysis. Integrate new architecture features into existing infrastructures. Design cyber security architectural artifacts and provide analysis of cyber security features. Embed advanced forensic tools and techniques for attack reconstruction. Provide engineering recommendations and resolve integration and testing issues. Identify and recommend complex solutions and best practices. Advising multi‑disciplinary teams or running projects as required. Essential Qualifications Tertiary qualification in Cybersecurity, Computer Science, Engineering, Information Systems, or a related discipline. Minimum 7–10 years’ experience in cybersecurity engineering, assurance, or governance within the Defence sector or another highly regulated environment. Demonstrated knowledge of Defence and international cybersecurity standards and frameworks (e.g., PSPF, DSPF, ISM, E8MM, CSAA Framework, Defence ICT/Cyber Procurement Supply Chain Risk Management Framework, DCwS Framework, SCCG). Proven experience leading or contributing to cybersecurity risk assessments, security design reviews, and system accreditation activities under Defence security frameworks. Strong understanding of secure system architectures, information assurance principles, and cyber risk management across the system lifecycle. Proficiency with cybersecurity management and monitoring tools such as SIEM, vulnerability management platforms, endpoint protection, and secure configuration baselines. Ability to develop, implement, and maintain Cybersecurity Management Plans (CSMPs), Risk Management Frameworks (RMFs), and security documentation (e.g., ISSMP, CCR, SRMP, SSecP, SSOPs) for Defence programs. Strong analytical, organisational, and communication skills, with the ability to collaborate effectively across engineering, program management, and customer security teams. Australian Citizenship – required to obtain and maintain a security clearance. Current NV1 Security Clearance (or eligibility to obtain and maintain). Desirable Qualifications Experience in Defence acquisition and sustainment programs across the capability lifecycle, with emphasis on cyber and information assurance requirements. Knowledge of the Australian Government Information Security Manual (ISM), DISP cyber security controls, and international standards such as ISO/IEC 27001 and NIST SP 800‑171. Experience leading or mentoring cybersecurity professionals, engineers, or small teams in secure system design, implementation, and assessment. Familiarity with digital engineering environments, secure system architectures, and integration of cybersecurity with model‑based systems engineering (MBSE) frameworks. Experience assessing, implementing, and continuously improving cybersecurity controls, monitoring systems, and risk management processes within Defence or critical infrastructure systems. Exposure to contract, accreditation, and compliance management, including reporting to Commonwealth, Prime, or international Defence clients on cybersecurity assurance and risk posture. Benefits Of KBR Workplace culture certified as a Great Place To Work (Aus, India, UK & US). Flexible working conditions. Competitive salary (including annual reviews). Paid parental leave. Paid reservist leave. Income protection. Corporate rewards. Salary packaging/Novated leasing. Discounted employee stock purchase plans. Flu shots, skin checks and private health insurance discounts. Career development: online learning, mentorship and career pathways. Apply Now As a Major Service Provider of the Australian Defence Force, an AGSVA security clearance will be required and compliance to International Traffic in Arms Regulations (ITAR). As such, our hiring decisions are based on the key requirements of each role and candidates are selected based on their unique strengths and experiences. We acknowledge the Traditional Custodians of Country throughout Australia and their continuing connections to land, sea, community and culture. We pay our respects to Elders past and present. #J-18808-Ljbffr