Our client an iconic Australian organisation providing products and services to millions of customers. They are pioneering, progressive and are leaders in their field.
About the Role:
This role supports collaboration across Cyber Operations, Resilience, and Architecture teams to manage and respond to cyber events. It focuses on identifying threats and executing operational procedures to mitigate risks impacting business continuity.
Responsibilities:
- Accountable and Responsible for ensuring that SIEM capabilities within the security operations team are managed, developed, scaled to suit, maintained and are consistent
- Accountable for ensuring that cyber security owned tools and capabilities within the security operations team are fit for purpose, developed, and maintained and are consistent
- Develop and coordinate plans for newly identified requirements that may create a risk
- Manage the cyber security toolset compliance, performance, and currency of cyber security tools
- Lead and manage the operational cyber tooling demand pipeline and engage with security architects and project managers to ensure clarity on scope, timing and requirements align to our cyber strategy
- Lead the identification of and the analysis and assessment of tooling requirements including the collaboration with the risk function as required
- Accountable for providing cyber tooling support to Threat Hunting Operations; providing and implementing configuration recommendations
- Support the review of vulnerabilities, attack techniques, tool/exploit development, intelligence analysis.
- Experience working in Cybersecurity
- Extensive experience in maintaining and supporting Splunk Enterprise SIEM tool. This includes all components of a SIEM deployment and updates for operational use
- Proven stakeholder Relationship management and influencing of senior management and projects on information security tooling and requirements.
- Demonstrated experience across multiple cyber platforms including Endpoint Detection and Response (EDR), Email Protection, Data Protection and automated alert triage.
- Demonstrated experience and knowledge of current and emerging technologies and assessment of their relevance and potential value or risk to the organisation
