AddressAre you passionate about cybersecurity and ready to make a tangible impact? Our client AGL are looking for a talented Cybersecurity Defence Specialist to join Cyber Defence and Response team. In this key role, you'll operate and enhance the technical cyber defence SIEM engineering and intelligence capabilities of SOC, playing a critical part in protecting from emerging threats. This is a Melbourne based contract opportunity for initial duration of six months in a hybrid working environment.
About the Role:
As a Cybersecurity Defence Specialist, you will:
- Innovate and Implement: Lead cyber detection engineering activities to ideate, develop, and implement threat identification processes.
- Enhance Defences: Identify log sources, assess data gaps, and develop use cases from vulnerability reports and emerging threats using the Mitre ATT&CK framework.
- Develop Detection Content: Hypothesize threats and establish a detection life cycle to manage threat detection capabilities, including conducting purple teaming exercises.
- Tune and Modernise: Continuously refine detections for false positives, automate where possible, and modernise threat detection with Detection as Code (DaC) and its dependent pipeline.
- Collaborate and Respond: Work closely with the cyber incident response team to enhance detection and monitoring requirements, and develop response playbooks for each detection.
- Report Metrics: Provide periodic cybersecurity engineering metrics, including 'mean-time-to-detect' and 'mean-time-to-response' to relevant stakeholders.
You will have:
• Proven Security Operation Centre Experience: Fundamental understanding of SOC environments.
• Technical Expertise:
o Mitre ATT&CK framework
o Sigma or YARA rules
o Knowledge of attacker tactics, techniques, and procedures (TTPs) translated into detection logic
• Hands-on Experience:
o SIEM technologies (we use Splunk Enterprise Security)
o SPL (Splunk query language)
o Log aggregation and normalization
• DevOps Knowledge: Experience with CI/CD pipelines, Agile methodology, Docker, Git, and Python is highly regarded.
We are committed to creating a secure and resilient environment where innovation thrives. You'll be part of a dynamic team that values collaboration, continuous improvement, and staying ahead of the curve in cybersecurity. Help us defend against known and emerging threats while driving innovation and excellence in our cybersecurity practices.
Apply Today!
At Chandler Macleod, we are committed to fostering a diverse workforce where everyone is welcome.
You can read more about our commitment to diversity and inclusion at https://www.chandlermacleod.com/diversity-and-inclusion
