Address
Form of workJob no: 512632
Employment type: Ongoing
Location: Canberra
Categories: Info/Comm Tech (ICT), APS Level 5, APS Level 6
About the department
The department plays a key role in the Australian Government’s agenda to create jobs and build a stronger, more resilient and competitive economy. Our work builds on Australia’s existing strengths, supports businesses to grow, and drives new opportunities for long-term productivity growth and prosperity. The success of the department helps Australia recover from the economic consequences of COVID‑19 and adapt to its ongoing effects. Through our work, we support the government’s economic recovery plan and help to deliver a better future for all Australians.
About the team
The Chief Information Officer Division is an exciting, fast-paced team that drives the digital agenda for the Department of Industry, Science and Resources. The group leads the department’s digital agenda by partnering with our stakeholders to co-design digital experiences, making it simpler to innovate, collaborate and communicate, and continue to evolve digital services using leading edge technology and smart design. The Cyber Security team is responsible for overseeing cyber security within the department.
Our ideal candidate
The Cyber Defence Analyst is responsible for monitoring, analysing, and responding to security alerts and incidents within the Security Orchestration, Automation and Response (SOAR) platform.
You will use information collected from a variety of sources including Security Information Event Management (SIEM) to identify, analyse and report on security events associated with validation and response playbooks. Working closely with Detection Engineers, you will advise on the effectiveness of detection rules and playbooks to reduce false positives and increase efficiency.
As a Cyber Defence Analyst, you will liaise with the operations, infrastructure, third party providers and cloud teams to remediate and recover form security incidents.
Our department has a commitment to inclusion and diversity, with an ambition of being the best possible place to work. This reflects the importance we place on our people and on creating a workplace culture where each and every one of us is valued and respected for our contribution. Our ideal candidate adds to this culture and our workplace in their own way.
Applicants will ideally have the following:
Bachelor's degree in Cyber Security, Information Technology, or related field.
2-5 years of experience in cybersecurity or related field.
What you will do
The successful candidate will be responsible for:
Monitoring the department's SIEM and SOAR for security breaches or suspicious activity.
Analysing data from various sources, such as security logs and threat intelligence feeds, to identify potential security incidents.
Responding to security incidents by performing triage, containment, and remediation activities.
Investigating security incidents to determine the root cause and extent of the breach.
Developing and implementing security controls and procedures to prevent future security incidents.
Staying up to date with the latest security threats, vulnerabilities and trends in the cyber security industry.
Communicating effectively with technical and non-technical stakeholders, including management, to convey the severity of security incidents and the measures taken to prevent them.
In addition to the above, candidates successful at the APS Level 6 will:
Have the ability to guide and mentor APS3/4/5
Possess leadership skills to fill in for team leaders
Have more autonomy in their investigation and response skills.
Skills
Familiarity with case, incident and ticket management.
Experience with at least 1 SIEM (Splunk, MS Sentinel) and 1 SOAR technology.
Knowledge of common cybersecurity threats, vulnerabilities, and attack vectors.
Experience with incident response and investigation procedures.
Relevant certifications such as GSEC, GCIH, or Security+ are preferred.
Ability to work in a fast-paced, high-pressure environment.
Strong problem-solving and analytical skills.
Excellent written and verbal communication skills.
Eligibility
To be eligible for employment in the APS and the department, candidates must be Australian Citizens.
Positions require a Baseline security clearance and successful candidates will be required to obtain and maintain a clearance at this level.
Notes
A merit pool may be established and used to fill future vacancies within 18 months from the date the vacancy was first advertised in the Gazette.
The department does currently offer flexible work opportunities for many roles. This vacancy is Canberra based, although flexible or remote work arrangements may be considered. Please reach out to the contact officer to discuss this further.
How to apply
Your application must not contain any classified or sensitive information. This includes in your application responses, CV and any other documents. The selection panel may not consider applications containing classified information.
Please provide a pitch explaining how your skills, knowledge and experience will be relevant to this role and why you are the best candidate for the position. Your pitch can contain no more than 5000 characters (approximately 750 words) and should align to the key duties listed above.
Please complete your application online and provide your current CV with your application. (CVs must be in .doc, .docx, or .pdf format).
Accessible application documentation is available in other formats on request. Please contact recruitment@industry.gov.au or (02) 6276 1235 if you require assistance with your application.
Please refer to our Applying for a position information for additional information on how to apply.
Contact Information
For more information on this vacancy, please contact Matthew Wilkinson on matthew.wilkinson@industry.gov.au.
Advertised: 27 Mar 2023 AUS Eastern Daylight Time
Applications close: 16 Apr 2023 11:55 PM AUS Eastern Standard Time
