One It - Security Incident Response Analyst

The Opportunity
WSP is a global leader in engineering and professional services. We pride ourselves on delivering innovative solutions to our clients and maintaining a robust IT operation to support our employees worldwide.
Under the guidance of the SOC Manager Incident Response, assist with the overall design, analysis and execution of the Security Operations Center Tasks, including the following.
Requirements:
Operations, as assigned by the staff's management.

• Security Analysis
• Identity Governance and User Lifecycle Management
• Threat and Vulnerability Management
• Network, Database, Server and Endpoint, and Application Security
• Information Security Framework and Audit Compliance
• Security Awareness
• Collection and analysis of metrics
• SIEM
• Antivirus and Antimalware analysis.

The Global SOC Analyst will have multiple security-related roles within the organization. Their main goal will be to provide a secure computing environment for the organization to conduct its business. The analyst will be responsible for creating technical security standards for technologies within the below scopes of responsibilities as well as other aspects of security operations and for auditing for compliance under these standards; this is not an exhaustive list:
Threat and Vulnerability Management

• Recommend, design and manage the vulnerability management process. Not mutually exclusive to patching, Intrusion prevention, Vulnerability bulletins, penetration testing, malware prevention and Incident Response.
• Develops a common set of security tools. Defines operational parameters for their use and conducts reviews of tool output.

Security event detection and response

• Manage the tools and processes for the organizations SIEM as well as any other event detection and response tools. Write Standard Operating procedures, train and hand over to operations for remediation.

Incident Management Process and Forensics

• Assist in providing forensic capabilities for the incident management process when needed. Monitor and manage infrastructure logging for security, including perimeter network devices, malware prevention, and intrusion prevention.

Network infrastructure security

• Responsible for determining and maintaining the technical standards for configurations of routers, switches, firewalls, IPS and IDS devices.

Leadership and People Responsibilities

• Assist in the training, and coaching of new and existing staff, and provide coaching to staff executing all aspects of information security and risk assessment and support
• Develop positive working relationships with other team members and business partners and partner across teams to align with WSPs internal and external client demands
• Assist in communication streamlining for information security risk and analysis across IT and vendors by acting as an advocate of security analysis and the overall information risk team

Skills and Qualifications:
Required

• 3-5 years of related experience in information security, risk, compliance, or a similar position
• Bachelor's degree or equivalent in Information Technology, Computer Science, Engineering or related field
• Knowledge of security technologies (encryption, data protection, network intrusion prevention, host intrusion prevention, firewalls, privilege access, etc.)
• Knowledge of enterprise IT security concerns and technologies, including but not limited to VPNs, network security, encryption, authentication, application-level network protocols, PKI, IPSec, Firewall, SSH, SSL, DES, LAN/WAN, and TCP/IP
• Knowledge of security best practices in relation to applications, network and client setups
• Experience with governance, compliance and audit within IT environments
• Experience in risk management, including risk analysis, mitigation and monitoring
• Knowledge of information security regulations applicable to WSP

Preferred

• Master's degree in Information Technology, Computer Science, Engineering or a related field
• Certification in Information Security (CISSP, ISC, or CISM) practices and policies

Key Technologies:

• Microsoft 365 Defender
• Microsoft Sentinel
• Microsoft Windows Server
• Microsoft Active Directory
• ZScaler Secure Web Gateway & Private Access

About WSP
WSP is one of the world's leading engineering professional services consulting firms, bringing together approximately 4,500 talented people across 14 offices in Australia. We have committed to halving the carbon footprint of our designs and advice by 2030. Our sustainable solutions and Future Ready™ projects will help societies grow for lifetimes to come.
WSP prioritises the health and well-being of our people by offering flexible working, 12 months of parental leave, opportunities for global mobility, purchased additional leave, and competitive remuneration among many more benefits designed to help you shine. We are committed to providing an inclusive, diverse and equal-opportunity workplace. We promote Indigenous voices and are actively delivering a 'Stretch' level Reconciliation Action Plan. Accredited by the Workplace Gender Equality Agency as an Employer of Choice, we also support the LGBTQI+ community and encourage all employees to bring their whole selves to work.
To express your interest in this position please apply with your resume and a short cover note outlining your interest and how you feel you can meet the criteria.
Please note that the location for this position may be based anywhere in Australia.