Cybersecurity Engineer

Title Cybersecurity Engineer About KBR We deliver science, technology and engineering solutions to governments and companies around the world. KBR employs approximately 38,000 people worldwide with customers in more than 80 countries and operations in over 29 countries. We work on Australia’s largest and most complex projects, supporting the nation’s critical infrastructure, energy transition and national security priorities. We are passionate about our people and our Zero Harm culture, fostering an environment where everyone can belong, connect and grow. Opportunity KBR is seeking expressions of interest from skilled and motivated Cybersecurity Engineers to support current and upcoming Defence programs across the capability lifecycle. This role offers an exciting opportunity to contribute to the delivery of secure and integrated Defence systems. As a Cybersecurity Engineer, you will play a key role in implementing cybersecurity principles, controls and architectures to maintain information assurance and compliance across engineering, logistics and project environments. You will support system security design, risk management and accreditation activities, ensuring that Defence systems and data are protected in accordance with the Australian Government Information Security Manual (ISM), DISP cyber requirements and relevant international standards. You will work as part of a multidisciplinary engineering team to identify cybersecurity risks, support system hardening and testing, and help improve cybersecurity processes, documentation and toolsets. You will embed cybersecurity best practices throughout the system lifecycle. Responsibilities Designing, testing and developing new systems, applications and solutions for enterprise-wide cyber systems and networks Handling a wide range of security issues including firewalls, electronic data traffic and network access Performing analyses at all levels of total system product, including concept, design, fabrication, test, installation, operation, maintenance and disposal Using encryption technology, penetration and vulnerability analysis of various security technologies, and conducting information technology security research Ensuring system security needs are established and maintained for operations development, security requirements definition, security risk assessment, systems analysis, systems design, security test and evaluation, certification and accreditation, systems hardening, vulnerability testing and scanning, incident response, disaster recovery, business continuity planning Providing analytical support for security policy development and analysis Integrating new architecture features into existing infrastructures Designing cyber security architectural artifacts Providing architectural analysis of cyber security features and relating existing systems to future needs and trends Embedding advanced forensic tools and techniques for attack reconstruction Providing engineering recommendations and resolving integration and testing issues Solving complex problems by applying new perspectives to existing solutions Exercising judgment based on analysis of multiple sources of information Working independently with minimal guidance, affecting a range of customer, operational, project or service activities within own team and other related teams Running small projects or having accountability for ongoing activities or objectives Essential Qualifications, Skills and Experience Tertiary qualifications in Cybersecurity, Computer Science, Engineering, Information Systems or a related technical discipline Approximately 3–7 years’ experience in cybersecurity engineering, assurance or governance within the Defence sector or another highly regulated technical environment Knowledge and practical understanding of Defence and international cybersecurity standards and frameworks (e.g. PSPF, DSPF, ISM, E8MM, CSAA Framework, Defence ICT/Cyber Procurement Supply Chain Risk Management Framework, DCwS Framework, SCCG) Experience supporting cybersecurity risk assessments, security design activities and system accreditation processes under Defence or equivalent frameworks Understanding of secure system architectures, information assurance principles and cyber risk management across the capability lifecycle Familiarity with cybersecurity management and monitoring tools such as SIEM, vulnerability management platforms, endpoint protection and secure configuration baselines Experience assisting in the development, implementation and maintenance of Cybersecurity Management Plans (CSMPs), Risk Management Frameworks (RMFs) and supporting documentation for Defence programmes Strong analytical, organisational and communication skills, able to work effectively within multi‑disciplinary engineering and project teams Australian Citizenship – required to obtain and maintain a security clearance Current NV1 Security Clearance (or eligibility to obtain and maintain) Desirable Experience supporting Defence acquisition and sustainment programmes across the capability lifecycle, with focus on implementing cyber and information assurance requirements Knowledge of the Australian Government Information Security Manual (ISM), Defence Industry Security Program (DISP) cyber controls and relevant international standards such as ISO/IEC 27001 and NIST SP 800‑171 Experience contributing to cybersecurity design, implementation and assessment activities within multi‑disciplinary engineering teams Familiarity with digital engineering environments, secure system architectures and integration of cybersecurity considerations within model‑based systems engineering (MBSE) frameworks Experience assisting in the assessment and improvement of cybersecurity controls, monitoring systems and risk management processes for Defence or critical infrastructure systems Exposure to contract and compliance management, including preparation of documentation and reporting to Commonwealth or Prime Defence clients on cybersecurity matters Benefits Of KBR A workplace culture certified as a Great Place To Work (Aus, India, UK & US) Flexible working conditions Competitive salary (including annual reviews) Paid parental leave Paid reservist leave Income protectionCorporate rewards Salary packaging / novated leasing Discounted employee stock purchase plans Flu shots, skin checks and private health insurance discounts Career development: online learning, mentorship and career pathways Job Information Seniority level: Mid‑Senior level Employment type: Full‑time Job function: Information Technology Industries: IT Services and IT Consulting EEO & Traditional Custodian Statement KBR acknowledges the Traditional Custodians of Country throughout Australia and their continuing connections to land, sea, community and culture. We pay our respects to Elders past and present. As a Major Service Provider of the Australian Defence Force, an AGSVA security clearance will be required and compliance with International Traffic in Arms Regulations (ITAR) is mandatory. Hiring decisions are based on the key requirements of each role and candidates are selected based on their unique strengths and experiences. Application If you’re ready to shape tomorrow, let’s get started. Apply Now Reference: R #J-18808-Ljbffr