Bapcor Ltd is the leading automotive aftermarket provider of accessories, equipment and service. We host one of the widest ranges of car parts in the world, with brands including Burson, Autobarn, Midas, Truckline, Premier Auto Trade and Baxters.

We’re more than just automotive — we’re a dynamic, purpose-led organisation powered by people. Our Melbourne-based corporate team plays a critical role in shaping the strategy and success of the Bapcor Group.

In joining our team, you’ll be welcomed into a supportive business that spans more than 1,000 locations with over 5,000 team members across Australia, New Zealand and Thailand. We are passionate about our team, with safety and inclusivity at the forefront of everything we do. We’re also passionate about our customers, products, and living our values of:

• Doing the right thing
• Being in it together
• Giving a damn
• Getting it done

We are seeking a Senior Cyber Security Analyst to strengthen Bapcor’s security engineering and operational capability across hybrid (on‑prem and cloud) environments.

This is a hands‑on, delivery-focused role with responsibility across infrastructure security, cloud security engineering, and security operations (SecOps). You will design, implement, and operate security controls across Azure, Entra ID, Microsoft 365, endpoint platforms, and core infrastructure, while supporting incident response and continuous uplift of our security posture in collaboration with managed security partners.

What You will do:

• Engineer, deploy, and operate security controls across Azure, Entra ID, Microsoft 365, and on‑prem infrastructure.
• Monitor, investigate, and respond to threats using CrowdStrike Falcon (EDR) and broader platform capabilities.
• Manage email security operations using Mimecast, including phishing/BEC investigations and awareness uplift.
• Lead and support security incident response activities (triage, containment, remediation, and post-incident review).
• Implement and maintain security baselines, hardening standards, and technical control frameworks.
• Contribute to cloud and application security controls, including WAF technologies aligned to Zero Trust principles.
• Secure hybrid identity environments (Active Directory & Entra ID), including access controls and privileged identity management.
• Partner with infrastructure and application teams to embed security into design, delivery, and change initiatives.
• Drive automation and continuous improvement using scripting (PowerShell/Bash) and modern DevSecOps practices.

• 3–5+ years’ experience in cyber security, security engineering, or SecOps within complex environments.
• Strong hands‑on expertise in infrastructure and cloud security (Azure, M365, hybrid environments).
• Proven capability in at least two: EDR (e.g. CrowdStrike), WAF technologies, application control/allowlisting.
• Experience with Active Directory, Entra ID, and Windows/Linux platforms.
• Solid understanding of security frameworks (ACSC Essential Eight, NIST CSF) and control implementation.
• Strong scripting skills (PowerShell essential; Bash desirable) with a focus on automation and efficiency.
• Experience in incident detection, investigation, and response in operational environments.
• Practical understanding of risk, assurance, and security control uplift in enterprise settings.
• Pragmatic, hands‑on mindset with the ability to balance risk, delivery, and business outcomes.

Why join Bapcor?

At Bapcor, we focus on what matters most for our customers, team members and the communities we serve. We go the extra mile to get the job done and always live our values.

In joining our team, you can access:

• Diverse career opportunities within the Bapcor Group
• Discounts across Bapcor products and services, including our Retail and Trade brands
• Industry leading policies to support your work/ life balance (gender neutral parental leave, purchase leave, volunteer leave etc…)
• Paid birthday leave
• Wellbeing support
• Novated leasing and more

We pride ourselves on our inclusive work environment, and encourage applications from people of all ages, cultures, gender identity, abilities and backgrounds, providing a recruitment experience that’s fair, free from bias and accessible. If you need to inquire about reasonable accommodation for the application process, please email [email protected]

No Recruitment Agencies Please!

While we understand that recruitment agencies would love to offer their support, we kindly request all agencies to refrain from contacting us regarding this job posting. All applications should be submitted directly by candidates.