AddressAs a Security Operations Officer reporting to the Security Operations Lead, you will be responsible for maintaining the integrity and confidentiality of the organization’s data and information systems. You will be expected to proactively look for ways to enhance the security posture of the Branch’s cloud-hosted solutions with members of the Technology Development team. This role plays a critical and active part in monitoring, detecting, and responding to security threats and incidents to ensure the branch’s cyber environment is resilient against unauthorized access, breaches, and other potential cyber risks.
Key responsibilities include:
Proactive Monitoring: Continuously monitor the entire software supply chain for any signs of vulnerabilities, both current and emerging, to ensure the organization's software solution remains secure.
Risk Analysis: Evaluate and understand the potential impact of detected vulnerabilities. Prioritize them based on severity and potential harm to the Branch’s operations and objectives.
Change Management: Strictly adhere to and promote the best practices and processes for change management. This includes properly documenting all changes, seeking necessary approvals, and ensuring that all stakeholders are informed about the changes.
Third-party Library/Dependency Management: Regularly review and update third-party libraries that the software solution depends upon. Ensure that they are up-to-date and free from known security vulnerabilities.
Security Monitoring: Continuously monitor the branch’s networks and systems for breaches or intrusions. Utilize advanced cyber security tools to detect vulnerabilities or malicious activity.
Security Tool Management: Manage and maintain various security tools, while identifying opportunities for automation and orchestration for improved investigation / response actions.
Incident response: Support the coordination of, and response to, major cyber security incidents and restoration following a cyber security incident. Conduct root cause analysis and remediation actions for vulnerabilities and incidents. Implement measures to prevent future occurrences.
Policy enforcement: Ensure the branch’s cyber security policies and procedures are being adhered to by conduction regular audits and checks.
Reporting: Manage threat intelligence feeds and ensure incorporation of intelligence data into use cases. Develop threat advisory reports based on threat intelligence data as input into threat hunting campaigns and proactive remediation activities.
Threat Hunting: Plan, execute and manage threat hunting campaigns and support the development of alerting rules and use cases within security platforms based on completed campaigns and threat analysis.
Selection criteria
Candidates must have demonstrated experience in:
▪ Experience in cyber security operational roles (Security Monitoring / Incident Response, Threat
assessment, Security Engineering etc.)
▪ Sound knowledge and understanding of WoAG policies relating to cyber security
▪ Knowledge and expertise in security architecture & security risk management.
▪ Experience in applying security to cloud platforms, preferably Microsoft Azure with a record of successfully identifying and mitigating security vulnerabilities in software solutions.
▪ Problem-solving skills: Demonstrated analytical and critical-thinking abilities; being able to swiftly troubleshoot and resolve issues, sometimes under pressure.
▪ Demonstrated skills in understanding business requirements and problems in relation to utilizing existing or evaluating alternative technologies.
▪ Knowledge and understanding in the application of cyber security management best practice frameworks.
Criteria
Essential criteria
- CV Review: Panel members will be looking for relevant professional and technical experience relating to the essential criteria (30%) and desirable criteria (10%) outlined in the position description. This will be scored out of 10. Only candidates that meet the essential criteria may be progressed to the next stage.
- Interview: An Interview will be requested for shortlisted proposals. Panel members will pose questions consistently across identical roles. These questions will cover relevant professional and technical experience (validated by a Technical Advisor, if necessary), culture, and experience. Questions will be scored out of 10.
- Referee check: Use of a standard and relevant referee template, and technical validation (if necessary).
▪ Tertiary qualifications in information systems, cyber security, information security, or a relevant field or equivalent industry experience.
▪ Relevant cyber security certifications or accreditations.
▪ A demonstrated knowledge or understanding of the principles, technologies and practices related to Digital Identity, including a keen awareness of the latest trends and challenge would be highly desirable.
Please feel free to call Manoj on 0468 492 *** or simply click on Apply now button
