Aps 6 - Insider Threat Analyst

• $88,175 - $100,724 (plus Super and 15% BDCP)
• Harman - ACT

The Role
As an APS6 Insider Threat Analyst, you will be responsible for:

• Performing complex analysis of logs, evidence or digital artefacts in accordance with relevant policies, processes, standards and guidelines.
• Exercising a high degree of initiative, judgement, accountability, autonomy, and discretion for actions taken to prevent, detect, and respond to Insider Threats, security incidents and requests for information.
• Managing multiple competing priorities and be able to clearly and concisely articulate analytical and technical information (including insights drawn from a range of data sources) through the provision of detailed and accurate briefs, reports and correspondence (verbal and written).
• Setting work priorities, managing workflows, and undertaking considerable stakeholder engagement and management with internal and external stakeholders.
• Developing, documenting and implementing business processes to enhance Insider Threat capabilities.
• Leading the development and implementation of controls or actions to mitigate risks identified through complex analysis.
• Maintaining comprehensive knowledge of information security legislation, policies and procedures.

The additional payment is a Building Defence Capability Payment (BDCP) which enables Defence to provide a premium, in addition to the rate of salary otherwise payable under the Enterprise Agreement (EA) to some or all of the jobs within a critical occupation(s) or discipline within a workplace. Applicants engaged into a BDCP position must consider the following. BDCPs provide remuneration in addition to the Defence Enterprise Agreement (EA). This arrangement is subject to meeting eligibility criteria and is subject to annual review. Should your performance fall beyond requirements or the eligibility criteria not be met, your eligibility for the BDCP may be reviewed and ceased. It may also be ceased should you change positions or the requirement for the BDCP is no longer necessary, as determined by Defence. Should the BDCP be ceased you will be advised and your BDCP additional payment will cease.
About our Team
The Directorate of Insider Threat and Investigative Support (ITIS) is a highly skilled team comprised of cyber security professionals with a specialised focus on the timely detection and response to Insider Threats and digital indicators of security concern within the Defence Enterprise portfolio. ITIS is a multidisciplinary team operating within Defence’s complex and high-tempo environment that works closely with internal and external stakeholders, including Investigative Authorities, to provide intelligence and digital artefacts to an evidentiary standard in support of security operations and investigations.
As part of Defence Cyber and Information Assurance Branch, ITIS reports to the Defence Chief Information Security Officer (CISO) and operates as part of the broader Defence Cyber Security ecosystem. ITIS contributes to the overall Defence ICT security posture through monitoring and the development of ICT security policy settings. ITIS collaborates closely with risk and assessment management teams, ICT services providers and project teams to mitigate risks and achieve positive security outcomes. The advertised roles are for a position within either the ITIS Intelligence Team (3 positions) or Sensitive Data Analysis Team (1 position).
Please advise which team(s) you wish to be considered for within your application:

• Insider Threat Intelligence – Undertakes complex log analysis of large data sets to identify and respond to current and emerging Insider Threat risks. This includes case referral, reporting and intelligence sharing with partner entities, and providing expertise to related domestic and international forums.
• Sensitive Data Analysis – Undertakes specialist discovery and analysis of digital artefacts in support of Requests for Information (RFI) pertaining to Task Forces, Inquiries, external agencies and legal teams. This includes performing data traceability, bespoke digital forensics, and incident response activities for niche datasets and systems.

Our Ideal Candidate
You will have exceptional data analysis skills, including the ability to understand and interpret ICT and technical indicators from a variety of sources, including logs, metadata, and Security Information and Event Management (SIEM) systems to detect and respond to security risks in a timely manner.
The following attributes, skills and experience will be highly regarded:

• High attention to detail and advanced data manipulation and analytical skills.
• Ability to interpret and convey technical information to a broad range of stakeholders.
• Strong written and oral communication skills, including the ability to devise reports and intelligence products with consistency and accuracy.
• Extensive stakeholder engagement and management skills, with the ability to manage multiple competing priorities.
• Experience with analytical or forensic tools (e.g. SIEM, Excel, PowerBI, Splunk, NUIX/Ringtail, X-Ways Tableau, or similar).
• Experience in ICT security operations or investigations.
• Understanding of relevant legislation, policies and procedures regarding data sharing, privacy, investigations and information security.