The Specified Personnel will be responsible for providing the following deliverables, including but not limited to:
- Undertaking technical build work to enhance the capacity of the SIEM (Security Information and Event Management) platform to support significant increases in incoming log ingestion;
- Performing configuration changes and tuning of the SIEM security products;
- Developing and implementing scalable solutions for integrating new security services including cloud services into the SIEM Platform;
- Deploying additional hardware to enable increased capacity and capability of the SIEM;
- Deploying and configuring technical add-ons to the SIEM platform;
- Conducting SIEM use case development and implementation for security monitoring and investigation;
- Participating in knowledge sharing and mentoring of team members;
- Creating document requirements, solution designs, processes, procedures and service playbooks.
Specified Personnel must adhere to any Cyber Security, Governance and Risk Models, in addition to other relevant Departmental frameworks and work standards.
Specified Personnel will be expected to transfer skills and knowledge to departmental staff and ensure appropriate documentation is stored in accordance with the Department's recordkeeping policy and practices.
The Specified Personnel will also be responsible for producing the following deliverables, including but not limited to:
- Cyber security procedures, controls and standards;
- Incident Reports;
- Remediation/Action Plans;
- Playbooks, Use cases and SOPs;
- Solution Design and Diagrams;
- Reports on emerging cyber trends, threats and capabilities.
To be successful in the role, you will have:
- Demonstrated experience in a similar role
- Proven programming and/or scripting skills, e.g. Python, Java, JSON, PowerShell, Perl and Ruby.
- Demonstrated experience in delivering security data visualization and analytics for reporting and/or supporting incident management activities.
- Demonstrated strong understanding of security monitoring tools for cyber security, as well as cloud security controls and architecture.
- Demonstrated experience with network, infrastructure and application security technologies, in supporting Security Operation Centre activities.
- Demonstrated hands-on experience in administration of SIEM tools running on various operating systems, e.g. Linux and Windows, for a government department or large organization, to a high standard.
For more information or to apply, please contact Carissa Burgos on 02 9137 8700 quoting Job Reference: 238162