AddressAbout the Role
The Cyber Incident Response and Engagement Lead is accountable under limited direction to perform complex work to lead Incident Response activities, proactively working with security operations, threat hunting and threat intelligence teams to coordinate and respond to Cyber Incidents.
Required to work collaboratively, develop sufficient understanding of all roles within the team to aid other functions as required and provide guidance where necessary. Overseeing vendors in the delivery of secure services and projects, including managing the procurement of new services where required.
The position requires high level specialist skills in cyber security and networking. Provide expertise and technical knowledge in incident and forensic analysis. Lead proactive analysis of security events and alerts from multiple sources. Ensuring monitoring of networks and endpoints for security events/alerts for active threats, intrusions and/or compromises is performed effectively.
Skills and Experience
• Leading proactive analysis of security events and alerts from multiple sources including but not limited to events from the Security Information and Event Tools, network intrusion systems and Host based Intrusion Prevention Tools (AV, HIPS, Application Whitelisting).
• Ensuring monitoring of networks and endpoints for security events/alerts for active threats, intrusions and/or compromises is performed effectively.
• Support the Manager, Cyber Monitoring Services and the Director of Cyber Security Operations in providing tactical and strategic security for all Agency systems.
• Partner with other functional areas in Cyber Security Operations and Cyber Solutions to lead coordinated Cyber Incident Response.
Qualifications
- A minimum of 4 years’ experience serving as a SOC Analyst or Incident Responder is highly desirable.
- A tertiary qualification/s in ICT / Cyber security is highly desirable.
- At a minimum, must have one of the following professional ICT certifications:
- SANS GCIH (GIAC Certified Incident Handler)
- SANS GCFA (GIAC Certified Forensic Analyst)
- SANS GCIA (GIAC Certified Intrusion Analyst)
- SANS GNFA (GIAC Network Forensic Analyst)
- SANS GWAPT (GIAC Web Application Pentester)
- SANS GPEN (GIAC Penetration Tester)
- Or other SANS appropriate certification
- Offensive Security Certified Professional (OSCP)
- Certified Information Systems Security Professional (CISSP)
For all queries relating to the responsibilities of the position, please contact Michael Pond at ************@digitalhealth.gov.au
Notes:
The Agency is committed to a diverse and inclusive work environment. We encourage applications from Aboriginal and Torres Strait Islander peoples, women, people with disability, people from culturally and linguistically diverse backgrounds, members of the LGBTQIA+ community, mature aged employees, and carers.
To support our diverse workforce, the Agency is pleased to offer flexible working options to our team members, which includes opportunities for an agreed amount of work performed at home and varied work hours.
Order of Merit: Applicants rated as suitable will be placed in a pool of merit that may be used to fill similar ongoing or non-ongoing positions throughout the Agency for up to 18 months.
Eligibility
• Ability to obtain and maintain national police check.
• Australian Citizenship is a condition of eligibility.
• Ability to obtain and maintain a NV1 security clearance with the ability to obtain and maintain a higher clearance if required by the Agency.
Application
The position maybe filled in Brisbane, Sydney or Canberra. To apply, submit your resume and a cover letter.
Please contact the recruitment team at *******@digitalhealth.gov.au with queries relating to the application process.
Closing Date: 1 July 2024, 11:00pm
Salary: This role offers between $94,456 - $106,563 plus 15.4% superannuation depending on skills and experience.
