Senior Cybersecurity Engineer

Senior Cybersecurity Engineer at KBR, Inc. - Australian Capital Territory

About KBR

We deliver science, technology and engineering solutions to governments and companies around the world. KBR employs approximately 38,000 people worldwide with customers in more than 80 countries and operations in over 29 countries.

Opportunity

We are seeking an experienced and motivated Senior Cybersecurity Engineer to support Defence programs across the capability lifecycle. The role is a critical leadership position in delivering secure, resilient, and integrated Defence systems. Responsibilities include embedding cybersecurity principles across engineering, logistics, and project environments to maintain information assurance and compliance.

Responsibilities

• Designing, testing, and developing new systems, applications, and solutions for enterprise‑wide cyber systems and networks
• Handling a wide range of security issues including firewalls, electronic data traffic, and network access
• Performing system analyses at all levels of product development
• Using encryption technology, penetration, and vulnerability analysis of various security technologies
• Ensuring system security needs are established and maintained for operations development, security requirements definition, risk assessment, systems analysis, systems design, security test and evaluation, certification and accreditation, systems hardening, vulnerability testing and scanning, incident response, disaster recovery, and business continuity planning
• Providing analytical support for security policy development and analysis
• Integrating new architecture features into existing infrastructures
• Designing cyber security architectural artifacts and analyzing their future needs and trends
• Embedding forensic tools and techniques for attack reconstruction
• Providing engineering recommendations and resolving integration and testing issues
• Solve complex problems and recommend solutions and best practices
• Advising multi‑disciplinary teams or running projects

Qualifications

• Tertiary qualification in Cybersecurity, Computer Science, Engineering, Information Systems, or a related technical discipline
• Minimum 7–10 years’ experience in cybersecurity engineering, assurance, or governance within the Defence sector or another highly regulated technical environment
• Demonstrated knowledge and practical application of Defence and international cybersecurity standards and frameworks (e.g. PSPF, DSPF, ISM, E8MM, CSAA Framework, Defence ICT/Cyber Procurement Supply Chain Risk Management Framework, DCwS Framework, SCCG)
• Proven experience leading or contributing to cybersecurity risk assessments, security design reviews, and system accreditation activities under Defence security frameworks
• Strong understanding of secure system architectures, information assurance principles, and cyber risk management across the system lifecycle
• Proficiency with cybersecurity management and monitoring tools such as SIEM, vulnerability management platforms, endpoint protection, and secure configuration baselines
• Experience developing, implementing, and maintaining Cybersecurity Management Plans (CSMPs), Risk Management Frameworks (RMFs), and security documentation for Defence programs
• Strong analytical, organisational, and communication skills; ability to collaborate across engineering, program management, and customer security teams
• Australian Citizenship – required to obtain and maintain a security clearance
• Current NV1 Security Clearance (or eligibility to obtain and maintain)

Desirable

• Experience in Defence acquisition and sustainment programs across the capability lifecycle, with emphasis on cyber and information assurance requirements
• Knowledge of the Australian Government Information Security Manual (ISM), DISP cyber security controls, and international standards such as ISO/IEC 27001 and NIST SP 800-171
• Experience leading or mentoring cybersecurity professionals in secure system design, implementation, and assessment
• Familiarity with digital engineering environments, secure system architectures, and integration of cybersecurity with model‑based systems engineering (MBSE) frameworks
• Experience implementing and continuously improving cybersecurity controls, monitoring systems, and risk management processes within Defence or critical infrastructure systems
• Exposure to contract, accreditation, and compliance management, including reporting to Commonwealth, Prime, or international Defence clients on cybersecurity assurance and risk posture

Benefits

• A Great Place To Work culture (Australia)
• Flexible working conditions
• Competitive salary (annual reviews)
• Paid parental leave
• Paid reservist leave
• Income protection
• Corporate rewards
• Salary packaging / novated leasing
• Discounted employee stock purchase plans
• Health and wellness benefits (flu shots, skin checks, private health insurance discounts)
• Career development: online learning, mentorship, and career pathways

KBR acknowledges the Traditional Custodians of Country throughout Australia and pays respects to Elders past and present. As a Major Service Provider of the Australian Defence Force, an AGSVA security clearance and compliance to International Traffic in Arms Regulations (ITAR) will be required.