This is an exciting opportunity for a motivated Cyber Security Incident Response expert with demonstrated experience working within a large SOC environment to be part of shaping and building a new Cyber Security Operations Centre within a large government organisation.
- Act as the escalation point and Level 3 incident response expert for cyber security incidents identified by the Level 1 and 2 Security Analysts, external managed security service providers or the internal IT Service Desk.
- Provide direction and guidance during confirmed cyber security incidents by coordinating resources and directing timely and appropriate countermeasures.
- Produce detailed incident reports outlining the circumstances around the event, as well as detailed post-incident investigations outlining lessons learned and opportunities for service improvement.
- Manage the continuous monitoring, detection and analysis of potential intrusions, both in real time and through historical trending on security-relevant data sources, in collaboration with the external MSSP SOC/SIEM team.
- Conduct vulnerability scans, identify vulnerabilities in security systems and act as the coordination point for their remediation.
- Conduct vulnerability assessments and impact assessments.
- Provide expert knowledge and mentoring in relation to predicting, preventing, detecting and responding to cyber security threats, and assist in the design and operation of the core technologies used by the Cyber Security Operations Centre (CSOC) team.
You will have
- Experience in large enterprise environments, including experience in a cyber security threat management, SOC or Level 3 Security Analyst role.
- Experience leading cyber incident response engagements (either in-house or as a consultant).
- Lateral thinking with a systematic approach to troubleshooting and analysing cyber security incidents and threats.
- An understanding of networking protocols and infrastructure designs, including firewall functionality, routing, encryption, host and network intrusion detection systems, load balancing and other network technologies.
- An understanding of the current threat landscape and of the response and mitigation strategies used in cyber security.
- An understanding of attacker tactics, techniques and procedures (TTPs) and the cyber kill chain.
- Analysis and problem-solving skills.
- Experience working on multiple operating systems and platforms.
- Experience using tools such as (but not limited to) debuggers, anomaly detectors, file analysers and network protocol analysers.
- The ability to complete post-mortem analysis of network logs, traffic flows and other activity to identify malicious activity on a network.
- The ability to analyse and reverse engineer various file types, including static and dynamic analysis of malware artefacts and binaries as well as other malicious attack files.
If this sounds like the right opportunity for you, please apply. For a confidential discussion, contact Rachel Drury on 3319 7556.