AddressASD EL1 Technical Lead – Cyber Threat Hunt
$118,193.92– $133,322.80 (plus 15.4% super)
Brisbane CBD - QLD, Canberra - ACT, Melbourne CBD - VIC
The Role
We are seeking a Cyber Threat HuntTechnical Lead to lead technical work and projects within Hunt Section.
This is a technical role, requiring an aptitude for complex problem solving and the ability to conduct deep analysis of network communications and endpoint activities to unearth malicious tradecraft.
Successful applicants will hunt for sophisticated actors on priority networks by developing and implementing innovative detection capabilities and analytical tradecraft. We want you to join our team to assist ASD in defending against these advanced threats.
As a Hunt Technical Lead, you will direct technical work, collaborate with your peers and leverage your deep cyber security knowledge to lead effective and thorough hunt operations. This involves scoping hunt activities, technical problem solving during hunts and engagement with hunt customers. This role also has a leadership component – you will be expected to mentor and coach hunt analysts, assign them technical tasks and provide quality assurance of their work.
There are vacant Technical Lead positions across ASD’s Brisbane, Canberra and Melbourne offices.
About our Team
ASD invites you to take the next step in your career.
We are looking for individuals with a passion for understanding, discovering and countering Cyber Threats impacting Australia and its interests.
The Technical Threats and Visibility (TTV) Branch in ASD’s Australian Cyber Security Centre (ACSC) detects adversaries targeting or exploiting Australian networks by analysing their technical tools and tradecraft. The ACSC uses this deep understanding to defend and disrupt malicious activity that threatens Australia’s national security.
TTV’s Hunt Section conducts targeted, intelligence-led operations to detect sophisticated threat actors on Australian Government and Critical Infrastructure (CI) networks. Hunt uses custom tools, tailored detections and all-source intelligence in its pursuit of undetected compromises. Hunt works closely with other areas within ASD – as well as industry and international partners – to improve its capabilities and operational outcomes.
At ASD, we will strongly invest in your career by supplying you with rewarding opportunities, flexible working arrangements, comprehensive internal and external training, and a competitive employment package designed for skilled employees.
Our Ideal Candidate
We are looking for candidates who have strong experience in one or more of the following disciplines:
Host Forensics – Specialising in disk forensics (EDR or dead disk)
- Operating system principles and their underlying features such as file system structures, process and thread linkages, and registry
- Collection and analysis of host artifacts to discover anomalous or malicious behaviour
- Adversary mindset, i.e. how an APT would manipulate operating systems
Host Forensics – Specialising in Windows memory forensics
- Inner workings of memory including memory structures
- Collection and analysis of memory artifacts like crashdumps, hibernation files or page/swap space identify anomalous or malicious activity
- Adversary mindset, how would they manipulate memory
- Structured and unstructured analysis
Network Forensics
- Collection and analysis of network traffic to discover anomalous or malicious behaviour
- Network protocol analysis (e.g HTTP, DNS, SMTP) and how they are used and manipulated for malicious purposes.
- In addition, for a Technical Lead EL1 role in ASD, applicants will need to demonstrate:
- Experience leading technical people, projects or operations
- Ability to communicate technical knowledge in a concise manner to non-technical audiences
- An aptitude for building and sustaining relationships, and experience liaising with a range of stakeholders
- Experience in providing quality assurance of technical outcomes
- Capability to work in a dynamic environment with competing priorities
- Ability to work independently with accountability for achieving technical outcomes.
Application Closing Date: Sunday 30 June, 2024
For further information please review the job information pack, reference ASD/05452/24 on https://www.asd.gov.au/careers
