About the Role
The Cyber Security Analyst will undertake technical cyber security activities under the leadership of line managers that report to the Director of Cyber Security Operations. The Cyber Security Analyst must possess and demonstrate technical competency in areas of cloud security (Azure/AWS), endpoint and network security, threat intelligence and hunting, data loss prevention, vulnerability management, and incident response. The Cyber Security Analyst will be required to support and contribute to the protection of the Agency's systems, information and environment with a focus on investigation and assisting Scheme Integrity to support the Agency's objectives.
The Cyber Security Analyst will work as part the Cyber Security Operations team that helps ensure the Agency has the capability to protect information assets, systems and environments to support strategic objectives.
The role involves key responsibilities including:
- Monitor and produce reports on threat trends.
- Monitoring and interception of outbound and inbound data containing sensitive information.
- Working with Scheme Integrity to investigate and resolve compromise of participant data.
- Conducting proactive monitoring, investigation, and mitigation of security incidents
- Analyzing security event data and identifying suspicious/malicious activity from networks and systems
- Understanding of basic incident response techniques including initial and detailed investigation, computer forensics, chain of custody implications
- Responding to events and incidents
- Develop and establish Standard Operating Procedures (SOPs)
- Assist with developing secure architecture and configuration of Agency platforms
- Liaise with team across the Chief Information Officer Division to delivery secure solutions
- Capability uplifted and monitoring of other team members
- Research new and evolving threats and vulnerabilities to the Agencies threat landscape
- Conduct log analysis and develop visualisation and reporting within Splunk (SIEM)
- Collaboration with IT engineers to implement security controls
- The ability to work with limited supervision and to quickly gain knowledge of in a range of technologies
You will have
- Demonstrated familiarity with Security Incident and Event Management (SIEM) systems
- Knowledge of the Information Security Manual (ISM) and cyber security concepts
- Formal tertiary qualifications or industry certifications in a cyber security related field (Azure/AWS, Splunk Certified)
- Highly developed written and verbal communication skills
- Sound stakeholder relationship skills
- Worked in a Security/Network Operations Center (or similar)
For more information or to apply, please contact Bianca Gabalfin on 02 6245 1738 quoting Job Reference: 241668
