Detection and Response Engineer (AU)

Work with cutting-edge AI technology, making the world a safer and more secure place. DroneShield (ASX:DRO) offers an opportunity to solve some of the world’s most challenging technical problems in the rapidly growing counter-drone sector.

Our customers operate in some of the most challenging and high-stakes environments in the world, including military organisations, government agencies, airports, critical infrastructure operators, and law enforcement. Protecting airspace in these settings requires technology that performs under pressure and teams that understand what’s at stake. At DroneShield, employees work at the leading edge of counter-drone innovation, helping to address real-world security challenges as drone threats continue to evolve globally. 

With one of the largest listed defence company market capitalisations in Australia, now part of the ASX200 index, DroneShield is experiencing a period of hypergrowth. Revenue has surged from A$57 million in 2024 to over A$217 million in 2025, representing growth of more than 400% year-on-year, with record profitability and cashflow. The total addressable global market for counter-drone is assessed at approximately $100 billion and is currently at the nascent stage, with much of the growth still to come. DroneShield is well positioned as a global market leader and the only publicly listed pure-play business in this sector.

The company has grown from 11 employees in 2017 to over 450 staff globally today, and is on track to reach around 550 by the end of 2026. This expansion includes investment of over A$50 million annually in R&D, a global pipeline exceeding A$2.5 billion, and continuous scaling of production capacity to meet accelerating demand.  

The role is based at DroneShield’s central Sydney headquarters. Overseas on-the-ground presence includes Virginia (USA), Netherlands, Denmark, Mexico and Dubai, as well as distributors in over 70 countries worldwide. 


About the role

The Security team is a nimble team responsible for protecting DroneShield's assets and users. Our adversaries are sophisticated and use state-of-the-art tooling. To protect DroneShield, we need to focus on the biggest risks, eliminate threats, focus on automation to scale our efforts and continually increase the cost for the attackers.

Key responsibilities for this role include owning and improving our existing detection strategy, including tooling, custom detections, process, threat intelligence, etc. This role will also be responsible for the response strategy, including handling incidents, being incident commander, staff training, tooling and others. Other areas this role will influence and/or drive change in are corporate security and vulnerability management.

Detection and Response should be viewed as a closed loop. Detections should enhance responses and focus on providing enriched information to responders and improving the signal-to-noise ratio. Responders should leverage automated playbooks to respond to incidents as quickly as possible and use incident reviews as opportunities to improve or create new detections.

The ideal candidate will have a strategic view of both spaces and will drive change so that this loop works well: they will improve and implement our detection strategy to facilitate response and will use response metrics and learnings to influence new detections. They will enhance this process with threat intelligence and vulnerability management metrics as well. The ideal candidate will have strong communication skills, be a hands-on engineer and have a systemic view of the problem space, focusing on solving the biggest problems and designing solutions that can scale. Experience with detection and response incidents is a must, including being an incident commander for large and complex incidents. Experience with automation and forensics is highly desirable.

This position offers the opportunity to contribute to the security of hardware products with complex threat models.

Responsibilities, Duties and Expectations 

Detection & Monitoring

  • Develop, tune, and maintain detection rules across SIEM and security tooling
  • Improve signal-to-noise ratio by reducing false positives and enhancing alert fidelity
  • Leverage threat intelligence, vulnerability data, and attacker techniques to build new detections

Incident Response

  • Investigate and respond to security incidents across endpoints, cloud, and SaaS environments
  • Support incident handling from detection through containment, eradication, and recovery
  • Participate in incident response rotations and follow established runbooks
  • Assist in coordinating cross-team response efforts during incidents

Automation & Tooling

  • Contribute to automation of detection and response workflows (e.g., scripts, playbooks)
  • Work with security orchestration tools to improve response efficiency
  • Support development and improvement of internal security tools

Continuous Improvement

  • Conduct post-incident reviews (RCA) and contribute to lessons learned
  • Identify gaps in detection and response capabilities and propose improvements
  • Maintain and improve incident response documentation and runbooks

Collaboration & Communication

  • Work closely with engineering, IT, and security teams on investigations and improvements
  • Communicate findings and incident updates clearly to stakeholders
  • Contribute to building a strong security culture across the organisation

Qualifications, Experience and Skills 

  • 5-6 years of experience in security operations, incident response, or detection engineering
  • Hands-on experience investigating security incidents in cloud or enterprise environments
  • Familiarity with SIEM platforms and log analysis
  • Basic scripting or programming experience (Python preferred)
  • Understanding of common attack techniques, malware behaviour, and threat lifecycle
  • Experience with Linux/macOS command line environments
  • Knowledge of cloud platforms (AWS, Azure or similar)
  • Strong analytical and problem-solving skills

Nice to Have

  • Experience with detection-as-code or infrastructure-as-code
  • Exposure to malware analysis or digital forensics
  • Experience with automation frameworks or SOAR platforms
  • Understanding of threat modelling and attacker methodologies
  • Familiarity with modern security tools (EDR, IDS, cloud security tools)
  • Interest in leveraging AI/LLMs for security operations

What success looks like

  • Effectively triaging and responding to security alerts with minimal supervision
  • Contributing meaningful improvements to detection coverage and response speed
  • Building automation that reduces manual workload
  • Demonstrating growth toward owning incident response and detection strategy

Why This Role

  • Hands-on exposure to real-world security incidents
  • Opportunity to grow into a senior D&R or security engineering role
  • Work in a fast-paced, high-impact security environment
  • Contribute to protecting critical systems and users


Note for recruitment agencies: We do not accept unsolicited candidates from external recruiters unless specifically instructed.

#667

IT & Security

Sydney, Australia
