Job Title: APS6 Senior Cyber Security Operations Analyst
Location: Canberra/Brisbane/Open for Hybrid work
Duration: 12 months with possible extension
The Senior Cyber Security Operations Analyst will undertake technical Cyber Security activities under the leadership of the Assistant Director of Cyber Security Operations. The Senior Cyber Security Operations Analyst must possess and demonstrate technical competency in areas of cloud security (Azure/AWS), endpoint and network security, threat intelligence and hunting, data loss prevention, vulnerability management, and incident response.
The role will involve the following key responsibilities:
* Conducting proactive monitoring, investigation, and mitigation of security incidents within security tools (including Microsoft Defender 365 stack, Azure Security Centre, IntSights, Splunk)
* Analysing security event data and identifying suspicious/malicious activity from networks and systems
* Perform incident response including initial and detailed investigation, computer forensics, and chain of custody implications
* Responding to events and incidents using established Standard Operating Procedures (SOPs)
* Escalate complex incidents, and engage with Subject Matter Experts
* Perform and manage phishing simulations
* Research new and evolving threats and vulnerabilities to the Agency's threat landscape
* Conduct log analysis and develop visualisation and reporting within Splunk
* Identify critical data sources required by cyber for ingestion and normalisation into the SIEM
* Collaboration with Security Operations and IT engineers to implement security controls
* The ability to work with limited supervision and to quickly gain knowledge of a range of technologies
* Mentor and develop junior staff, and identify areas of people, process, and defensive tool improvement
Essential Criteria
* Graduated with relevant Cyber Security qualifications, and a few years' experience (3-6 years) in CSOC roles. Evidence of training and completion of a Cyber Security certification
* Demonstrated familiarity with log aggregation and Security Incident and Event Management (SIEM) systems
* Knowledge of the Information Security Manual (ISM) and Cyber Security concepts
* Demonstrated working knowledge of Incident Response Frameworks (NIST SP 800-61 Incident Handling Guide, MITRE Frameworks)
* Formal tertiary qualifications or industry certifications in a Cyber Security related field (e.g. Azure/AWS, Splunk Certified)
* Worked in a Security/Network Operations Center (or similar)
Due to security clearance requirements for this role, candidates must be Australian citizens and able to obtain an NV1 Security clearance.
If this role aligns with your skills and aspirations, apply now for immediate consideration. Contact Archna Singh at 02 6245 1***, quoting Job Reference: #260887
The application deadline for this position is 8th March 2024.
Please note that only candidates meeting the specified criteria will be contacted. Your interest in the position is greatly appreciated.
Diversity and inclusion are strongly supported at Peoplebank. People of all nationalities, gender identities, and cultural backgrounds, including Aboriginal and Torres Strait Islander Peoples, are encouraged to apply.