Job description
12 months contract + extensions
ACT/WFH
Federal government
Contract until June 2024 + 2 x extensions | ACT/WFH | Open rates
A renowned Federal government body is actively seeking a talented Cyber Security Engineer to join their team. As a critical member of the organisation, you will play a vital role in safeguarding the nation's sensitive data and protecting its infrastructure against ever-evolving cyber threats.
As a Cyber Security Engineer, you will play a critical role in enhancing the organisation's cyber security capabilities and ensuring the ongoing protection of its systems and data. You will collaborate with a talented team of Security Analysts and contribute to the development and maintenance of the Security Information and Event Management (SIEM) platform, as well as the automation of detection and response capabilities using SOAR technologies.
Key Responsibilities:
Develop and maintain SIEM alerts and dashboards to aid in the timely detection of threats.
Collaborate with Security Analysts to design, develop, and maintain automatic detection and response capabilities using available SOAR capabilities.
Utilize threat intelligence to enhance and enrich alerts, ensuring accurate and meaningful information is provided for analysis and response.
Develop and maintain team Standard Operating Procedures (SOPs) and playbooks for SIEM management and configuration, including alert exclusions and tuning processes.
Assist in the maintenance and management of our Security Operations (SecOps) environment, ensuring it remains up to date and aligned with industry best practices.
Ideal candidate:
Demonstrated experience managing/maintaining logging and SIEM technologies.
Demonstrated knowledge of cyber security principles and processes in a defensive context.
Demonstrated ability to develop alerting rules and dashboards to assist with threat detection and incident response.
Ability to learn and understand how the operating environment functions normally and effectively identify anomalies when they occur.
Demonstrated experience with development practices and DevOps pipelines.
Have or be able to obtain an NV1 Clearance - NON-NEGOTIABLE
Be prepared to write answers to 5 selection criteria if shortlisted. (sorry for the strings attached)
Desirable:
Experience with Azure Sentinel, Kusto Query Language (KQL) and Azure logging mechanisms
Experience with Microsoft’s suite of security tools, including Azure Security Centre, Microsoft 365, and Microsoft ‘Defender for’ tools (Endpoint, Identity, etc.)
Experience managing a Windows environment, including patching, Active Directory and Group Policy management.
Experience utilising threat intelligence services and tools such as MISP to enrich data and alerts that originate from SIEM and logging tools such as Syslog-ng.
If this sounds like you - PLEASE APPLY NOW!
** Aboriginal and Torres Strait Islander people are strongly encouraged to apply **
Indigeco acknowledges the Traditional Custodians of the country throughout Australia and recognises their connection to land, waters, and community. We pay our respects to our Indigenous brothers and sisters, their Culture, and to elders past, present & future.
SIEM, Cybersecurity, Microsoft Office