Digital Forensics and Incident Response Senior Analyst

Job Summary

About Telstra

We’re all about helping our customers connect faster, better and smarter. And that’s where you come in, to help us realise our purpose to build a connected future so everyone can thrive.

Make a difference

As part of Global Networks & Technology, you will manage our world-class network covering Australia and connecting businesses globally. Work with leading technology and change the way we do IT to meet our critical business needs.

Your work will expose you to innovative thinking, technologies and global best practice. As we grow, you'll grow, and this will extend onto building your own valuable talents and skills here with us.

An excellent opportunity has become available for a highly motivated and passionate Digital Forensics and Incident Response Senior Analyst join the Telstra Cyber Emergency Response Team. Opportunity available for, preferably, Melbourne or Canberra candidates

The opportunity

We are seeking a DFIR Automation Engineer to design, build, and maintain a modern forensic evidence collection, detection, and ingestion pipeline.

You will develop automation that collects forensic artifacts (Windows, Linux), parses and enriches them with detection logic and IOC matching, and ingests structured timelines into our centralized log platform.

This role sits at the intersection of Digital Forensics, Detection Engineering, and Cloud Automation — helping scale our DFIR operations by engineering smarter, faster investigation workflows.

Please note all candidates must be Australian Citizens and have the ability to hold and maintain a NV2 AGSVA security clearance.

What You'll Do

• Build, maintain, and extend artefact collection pipelines

• Manage AWS-based collection and storage infrastructure

• Build automated parsing and normalisation (EVTX, syslogs, registry, memory artefacts, etc).

• Implement IOC matching and threat enrichment

• Develop basic detection logic to identify suspicious activity across raw forensic data.

• Design and maintain pipelines for structured evidence.

• Normalise events for timeline analysis and dashboarding.

• Integrate parsed evidence and detections into a case management system via API automation.

• Monitor and improve the scalability, efficiency, and reliability of the DFIR automation pipeline.

• Document architecture, workflows, and playbooks for internal DFIR and IR teams.

About You

• The ability to hold and maintain a NV2 AGSVA security clearance.

• Experience designing serverless architectures in AWS

• Working knowledge of Elastic Stack (Elasticsearch, Logstash, Kibana) and ECS normalisation.

• Solid scripting skills in Python (preferred) or Go, Bash, PowerShell.

• Basic understanding of digital forensics principles

• Ability to develop basic detections for common attacks

• Familiarity with MITRE ATT&CK framework

• Ability to operate independently and drive projects from idea to production.

• Strong documentation and communication skills

Our perks & benefits:

• Work-life integration - we understand life happens when you're busy making other plans, so we offer flexibility around where, and when you work.

• 16 weeks paid parental leave for primary and secondary carers.

• Professional development program.

• An epic (free) Telstra mobile phone plan.

• Laptop/Device allowance renewed every 2 years.

• Purchased Annual Leave scheme.

• Discounted Telstra products and services.

We fully embrace flexibility and choice at Telstra and it’s as unique as you. We believe every role can flex in some way and encourage you to work where, when, and how you are most engaged, safe, and productive. Talk to us about how a role could be flexible for you!

On the cusp of the next technological transformation in the digital world, Telstra has and continues to be at the forefront of local and global innovation. Come disrupt and lead the industry as we build the networks for the future and push the boundaries of what’s possible with technology.

We're after the right blend of experience and enthusiasm and look for cultural add, rather than cultural fit. We benefit from the unique gifts and backgrounds of each person in our business and push for diversity of thought in all we do.