Principal Technical Advisor - Cyber Architecture & Integration
LevelBlue reduces risk and builds lasting resilience so organizations can innovate and advance their mission with confidence. As the world’s most analyst-recognized and largest pure-play managed security services provider, LevelBlue elevates client outcomes that matter: stronger defense, faster response, and sustained business continuity. LevelBlue combines AI-powered security operations, advanced threat intelligence, and elite human expertise to provide the most comprehensive portfolio of strategic advisory, managed security, offensive security, and incident response services.
About the Role
LevelBlue’s Professional Services Organisation is seeking an experienced Principal Consultant to join our Architecture, Implementation & Remediation (AIR) consulting team. This is a senior, customer-facing role focused on helping enterprise clients design, build, and optimise security operations capabilities - spanning SIEM, Identity, and Endpoint Detection & Response (EDR) technologies.
As a Principal Consultant, you operate at the intersection of deep technical expertise and strategic advisory. You will lead complex, multi-stakeholder engagements across the full lifecycle - from pre-sales solutioning through to delivery and operational handover - and will act as a trusted advisor to client security leadership and executive sponsors.
This role also carries a practice development dimension: you will mentor less experienced consultants, contribute to LevelBlue's service offerings and methodology, and help shape the quality bar for how we deliver. It suits someone with the technical credibility and experience to lead a Sentinel or Security Platform architecture and delivery discussion, and the executive presence to stand in front of client management.
Responsibilities
Engagement Delivery
- Lead the end-to-end design and delivery of AIR engagements - including greenfield SOC builds, SIEM platform implementations (Microsoft Sentinel, Splunk), EDR deployments, and managed security service transitions.
- Produce high-quality, client-ready deliverables: High Level Designs, Low Level Designs, Statements of Work, implementation guides, operational runbooks, and use-case documentation.
- Plan, facilitate, and document client workshops, steering committees, and executive briefings - managing outputs, decisions, and action items to closure.
- Develop business cases and ROI analyses for proposed security programmes, presenting findings to functional managers and senior executive stakeholders.
- Identify and document programme risks, assumptions, dependencies, and constraints; shape governance frameworks appropriate to engagement scale and client maturity.
- Build client technology roadmaps aligned to their security strategy, threat profile, and budget constraints.
- Manage scope and delivery expectations proactively, escalating commercial or delivery risks before they affect client outcomes.
Pre-Sales & Business Development
- Partner with the sales team on select pre-sales opportunities - shaping technically credible solutions, building proposals, and presenting to prospective clients.
- Contribute to bid responses, scope definitions, and commercial frameworks for new and renewal engagements.
Practice Development & Leadership
- Mentor and coach junior and mid-level consultants - providing technical guidance, delivery feedback, and career support.
- Contribute to the development of LevelBlue service offerings, delivery methodologies, proposal templates, and internal knowledge assets.
- Maintain a current and evolving understanding of the threat landscape, emerging attack techniques, and relevant vendor platforms to inform client advisory and internal capability development.
- Represent LevelBlue's AIR practice at industry events, client briefings, and partner forums where appropriate.
Experience & Qualifications
Essential Experience
- 10+ years of hands-on experience in security consulting, managed security services, or SOC engineering, with a sustained track record in senior client-facing delivery roles.
- Demonstrated experience leading complex, multi-stakeholder security engagements at enterprise scale - from initial scoping through to operational handover.
- Deep domain expertise in one or more of the following, with working knowledge across all:
  - SIEM design, build, and operationalisation - Microsoft Sentinel and/or Splunk
  - Security Operations Centre (SOC) design, build, and transformation - including greenfield and transition engagements
  - Endpoint Detection & Response (EDR) - deployment, tuning, and integration into detection workflows
  - Managed Security Service integration - including service wrap, SIEM/EDR definition, and operational model development
- Proven ability to produce and own senior-level deliverables: HLDs, LLDs, SOWs, operational documentation, and executive-level presentations.
- Experience operating across both greenfield and existing-environment engagements in complex enterprise settings.
- Comfortable working autonomously, managing multiple concurrent engagements, and travelling to client sites as required.
Skills & Attributes
- Strong structured problem-solving capability - able to analyse complex security environments and translate findings into clear, actionable client guidance.
- Excellent written and verbal communication skills; able to calibrate messaging from board-level executive briefings through to hands-on technical workshops.
- Commercial acumen - able to scope engagements accurately, manage client expectations, and contribute to LevelBlue revenue growth without compromising delivery quality.
- High degree of self-direction and accountability; able to operate with minimal supervision while keeping leadership informed of risks and progress.
- Collaborative by nature - contributes to team culture, shares knowledge, and invests in the development of colleagues.
Certifications - Highly Desirable
| Domain | Certifications |
|---|---|
| Microsoft Sentinel / Azure | SC-200 (Security Operations Analyst), AZ-500 (Azure Security Engineer) |
| Splunk | Splunk Certified Architect or Splunk Enterprise Security Certified Admin |
| | Desirable Certifications |
| Security Management | CISSP, CISM, or CRISC |
| Incident Response / Detection | GIAC: GCIH, GCIA, GSOM, or GCFE |
| Service Management | ITIL 4 Foundation (beneficial for managed services engagements) |
Vendor certifications from other relevant platforms (e.g. CrowdStrike, SentinelOne, Elastic) are also valued. Equivalent demonstrated experience will be considered in lieu of formal certification where substantiated by delivery track record.
Education:
- A high school diploma or equivalent is required; a college or university degree is a plus.
This role is open to candidates legally authorized to work in Australia. At LevelBlue, including teams that previously operated as Trustwave, we support flexible work and bring people together in person for key moments based on role, team, and business needs.
LevelBlue is committed to a culture of respect, inclusion, and equal opportunity. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other status protected under applicable law.
To all agencies: Please do not contact LevelBlue employees outside of the Talent Acquisition team. LevelBlue’s policy is to only accept resumes from agencies through its approved agency process and with a valid agreement in place. Any resume submitted outside this process will be considered the property of LevelBlue, and no fee will be paid if a candidate is hired from such a submission.