Senior Cyber Security Operations Analyst - APS6

Responsibilities:

• Conducting proactive monitoring, investigation, and mitigation of security incidents within security tools (including Microsoft Defender 365 stack, Azure Security Centre, IntSights, Splunk).
• Analysing security event data and identifying suspicious/malicious activity from networks and systems.
• Perform incident response including initial and detailed investigation, computer forensics, chain of custody implications.
• Responding to events and incidents using established Standard Operating Procedures (SOPs)
• Escalate complex incidents, and engage with Subject Matter Experts
• Perform and manage phishing simulations.
• Research new and evolving threats and vulnerabilities to the Agencies threat landscape.
• Conduct log analysis and develop visualisation and reporting within Splunk.
• Identify critical data sources required by cyber for ingestion and normalisation into the SIEM.
• Collaboration with Security Operations and IT engineers to implement security controls.
• The ability to work with limited supervision and to quickly gain knowledge of a range of technologies.
• Mentor and develop junior staff, and identify areas of people, process, and defensive tool improvement.

Requirements:

• Demonstrated familiarity with log aggregation and Security Incident and Event Management (SIEM) systems
• Knowledge of the Information Security Manual (ISM) and Cyber Security concepts.
• Demonstrated working knowledge of Incident Response Frameworks (NIST SP 800-61 Incident Handling Guide, Mitre Frameworks)
• Formal tertiary qualifications or industry certifications in a Cyber Security related field (e.g. Azure/AWS, Splunk Certified)
• Highly developed written and verbal communication skills
• Sound stakeholder relationship skills
• Worked in a Security/Network Operations Center (or similar)

If the above role interests you, please apply at **********@talentstreet.com.au or please call 0414 082 ***