Cyber Security Architect — Microsoft Defender & SOC Lead

About us
We’re proud to be Australia's #1 Great Place To Work in Technology, 2026. We have also been named Australia's #1 Great Place to Work 2025 for the second year running! This is in addition to being Great Place to Work Certified 3 years in a row. Macquarie Cloud Services are the Australian specialists in cloud services for business and government. Locally owned and operated, with an industry-leading customer service model, we’re trusted by our customers to provide the services that enable their business success. We have made it our challenge to make our people feel good and love the work they do. Because of this, our people are energised and motivated in their work. We believe that collaboration & team connection is key for success. This role will be based in Sydney with a blended working arrangement of 3 days in our CBD offices & the remaining working from home.

About the role
This is an opportunity to join a high-growth, well-funded team investing heavily in Cloud, AI and Cyber Security, working with leading Microsoft technologies including Defender, Sentinel and Azure Security services. We are looking for an experienced Cyber Security Architect to lead the design and delivery of Microsoft security solutions for our customers. This is a senior technical leadership role at the heart of Macquarie's Managed Security Practice, combining hands-on architecture, pre-sales engagement, and strategic direction for our Security Operations Centre (SOC). The purpose of the Cyber Security Architect position is to define and deliver the strategy, scope, technology, platforms, and processes for the SOC. You will be the technical authority who shapes how we detect, respond to, and remediate threats across our customer base translating the evolving Microsoft security ecosystem into productised, repeatable, and measurable managed services. Beyond the SOC itself, the Architect will provide technical guidance relating to the overall operation of Macquarie's Managed Security Practice influencing service design, tooling decisions, automation strategy, and the continuous maturation of our detection and response capabilities. You will play a significant role in enabling the SOC to operate at peak efficiency and provide effective and measurable customer satisfaction and innovation focused on security, solidifying Macquarie's position as a leader in managed security services.

What you'll be doing

• Design end-to-end security architectures for customers built on the Microsoft security stack, including Microsoft Sentinel (SIEM), Microsoft Defender XDR (Endpoint, Identity, Office 365, Cloud Apps), Microsoft Entra ID, Global Secure Access and Microsoft Purview.
• Define and continuously evolve the strategy, scope, technology, platforms, and operating processes underpinning the SOC.
• Drive the design of detection engineering practices, including MITRE ATT&CK-aligned analytics, CI/CD-based rule deployment, and detection content lifecycle management.
• Lead the design and enhancement of SOAR automation, orchestration playbooks, automated triage, containment, and remediation workflows to maximise SOC efficiency and reduce mean time to respond.
• Act as the senior technical authority across the Managed Security Practice, providing guidance to SOC analysts, engineers, and consultants.
• Mentor and uplift the technical capability of the wider security team, fostering a culture of continuous learning and innovation.
• Provide escalation support for complex incidents, advanced threat hunts, and high-stakes customer situations.
• Engage directly with customer stakeholders to articulate security strategy, solution value, and managed service capability.
• Support pre-sales activities through solution scoping, technical workshops, proof-of-value engagements, and proposal development.
• Contribute to the development and continuous improvement of Macquarie's productised managed security offerings.
• Identify and evaluate emerging Microsoft security capabilities, integrating them into the service catalogue where they deliver customer value.
• Champion automation, efficiency, and innovation as core principles in everything the SOC delivers.

Required experience and skills

• Minimum of 5+ years' experience in Cyber Security across Architecture and/or Senior Engineering roles including solution design.
• Strong hands-on experience with Microsoft Defender and Azure Sentinel.
• Solution design experience within enterprise, MSP, consulting or vendor environments.
• Australian Citizenship (required).
• Eligibility and willingness to obtain an NV1 Security Clearance.
• Strategic skills, evaluating operations, and providing actionable guidance.
• Understands security threat matrix to enable efficient and effective threat policy.
• In-depth understanding of IP network networks (Layer 3 to 7) and correlate higher-level protocols such as HTTP, HTTPS, SMTP and the ability to perform packet captures and other steps required to troubleshoot incidents.
• Hands-on experience with at least one major SIEM technology.
• Familiar with security frameworks, architecture frameworks, industry best practices and compliance, mitigation strategies (such as SABSA, TOGAF, ISM, ISO27001, NIST, or PCI).
• Obsessed with continuous improvement of our working practices and overall quality of service.
• Understands code in multiple languages, search, and regex capabilities.
• Knowledge of SOC process design frameworks.
• Ability to serve as a mentor.
• Industry or technology specific security certifications (i.e. CISSP, CISM, AZ-500, MS-500, CCNA/CCNP – Security).
• Experience with Office365 and Microsoft Modern Workplace solutions is desirable.

If this excites you, apply now, we'd love to hear from you!