About our team
GM Technology & Major Cap Group | Cyber Risk Services | Cyber Risk Services | Cyber Detection and Response
The Cyber Detection and Response Section within Cyber Risk Services Branch is responsible for managing the Department's computer network defence and Cyber Security incident response plan. The section continuously monitors, detects and reports on Cyber Security incidents and vulnerabilities to assess the level of threat posed to the Department.
The section is also responsible for providing technical expertise and capability to manage the Department's Cyber Security Information and Event Management (SIEM) platform, network defence technology and data collection and analysis systems.
This position is responsible for providing system administration of the Department's cyber SIEM. Primarily, the role will ensure the platform is configured appropriately to support the operational activities of the Cyber Security Operations Centre (CSOC), the primary users of the SIEM. The position provides technical support to help CSOC personnel optimise their use of the platform.
Please visit our website for more information about the Department of Home Affairs or Australian Border Force
Our ideal candidate
Be part of a connected team of professionals, where you can use your Cyber Security System Engineering expertise to take on exciting and diverse challenges that contribute to building a secure Australia. Working within the Department's Cyber Detection and System Engineering (CDSE) team within the Cyber Detection and Response section, you will be responsible for providing expert advice and support on Cyber Security monitoring capability and on the implementation of Departmental Cyber Security operations and strategies.
Duties and responsibilities
- Providing technical support for the Security Information and Event Management (SIEM) platform
- Identifying, troubleshooting, and resolving technical issues associated with SIEM and associated Cyber Security tools
- Performing system maintenance and upgrades and conducting regular administrative tasks, e.g. system health checks and troubleshooting operational issues, to optimise the operation and performance of the SIEM platform
- Assisting in the development and implementation of use cases for ICT project initiatives and the ingestion of new log sources, on premises and/or from cloud, into the SIEM for security monitoring, alerting and investigation
- Working closely with the Cyber Security Operations Centre (CSOC) and other business areas and projects to assist with the creation of Alerts, Reports, and Dashboards for monitoring and supporting security incident response
Additional information
Essential Criteria
- Demonstrated Programming and/or Scripting skills e.g. Python, Java, JSON, PowerShell, Perl and Ruby
- Demonstrated experience working across multiple vendor technologies, including Windows, Linux and network security appliances, as well as Cloud services
- Demonstrated knowledge of the Information Security Manual (ISM) and Cyber Security concepts and ability to quickly gain knowledge in emerging digital ICT technologies
- Sound stakeholder relationship, oral and written communication skills
- Strong analytical and critical thinking skills
- Tertiary ICT and Cyber Security qualifications or relevant industry qualifications
Desirable Criteria
- Extensive experience in ICT or Cyber Security related fields will be highly regarded
- Demonstrated experience in Cyber Security operational environments, and knowledge of defensive and offensive security operations
- Demonstrated hands-on experience in administration of Cyber Security tools running on various operating systems e.g. Linux and Windows
How to apply
Submit your application and CV through the Home Affairs recruitment system (ourPeople) before the closing date on 10/07/2024 at 11:59pm (midnight) AEST. Late applications will not be accepted.
As part of your application you will be required to prepare and submit a one-page applicant response document in relation to the advertised role, outlining:
- How your skills, knowledge, and experience will be relevant to this role
- Why you are interested in the role and what you can offer us
- Any specific examples or achievements that demonstrate your ability to perform the role.
Applicant response documents must use a minimum 11pt font, be in MS Word or PDF format, and include your full name and the Requisition Number (132664) in the document footer.
Prior to preparing your response it is recommended you review the Work Level standards relevant to the classification you are applying to. It may also be useful to refer to the Integrated Leadership Systems information relevant to the classification.
Eligibility
To be eligible for the position you must be an Australian Citizen.
The successful candidate will be required to obtain and maintain a Baseline Vetting (AGSVA) security clearance and an Employment Suitability Clearance (ESC).
Diversity and inclusion
The Department is committed to workforce diversity and applicants who are Aboriginal and/or Torres Strait Islander, come from a diverse cultural or linguistic background or have a disability are encouraged to apply.
RecruitAbility applies to this vacancy. Under the RecruitAbility scheme you will be invited to participate in further assessment activity for the vacancy if you choose to apply under the scheme; declare you have a disability; and meet the minimum requirements for the job. For more information visit: https://www.apsc.gov.au/recruitability