Security Operations Centre Analyst

Job Title: Security Operations Centre Analyst
Contract Type: Permanent
Location: Sydney CBD, New South Wales
Industry:
Salary: Negotiable
Reference: 191512_1554095473
Contact Name: Ellen Barry
Contact Email: ellen.barry@peoplebank.com.au
Job Published: April 01, 2019 16:11

Job Description

Our client, a century-old global banking and financial services organisation, is currently recruiting for an SOC Analyst who will endeavour to detect suspicious or malicious activity within the Bank's environment.

They will be responsible for incident identification, assessment and escalation, as well as working with the IT teams to reduce the vulnerability attack surface through vulnerability scanning and resolution. They will also be responsible for monitoring intelligence feeds and ensuring that both staff and clients are protected against cyber-crime and threats.

Responsibilities will include:

Security Incident Event Management (SIEM)

  • 1st line monitoring response - timely follow up for alerts, investigations / escalations
  • Implementation of connectors and application rules as requested
  • Any general improvements, issues / bugs as required

Alert Monitoring & Investigation

  • Anti-virus - initial response, ensure fixes and resolutions are followed
  • Create and maintain event/alert handling procedures
  • Escalation to 2nd line as required

Vulnerability Scanning & Mitigation

  • Co-ordination & preparation of monthly and ad-hoc vulnerability scans
  • Ensure all systems, devices and web sites are monitored

Threat Intelligence

  • Monitoring of spam, phishing and cybercrime events
  • Monitor intelligence feeds and ensure suspicious websites are blocked
  • Provide Cyber Awareness communications to staff
  • Maintain the Cyber Fraud Incident register

To be successful in this role you will need:

  • Good understanding of IT Security and Cyber threats and vulnerabilities
  • Strong analytical and problem-solving skills
  • Knowledge/experience working with SIEM tools

Experience in at least one of the following is highly desirable:

  • Symantec ATP
  • DbProtect
  • Tripwire
  • DarkTrace
  • Qualys
  • Threatmetrix TD Cloud
  • ArcSight

New year, new job. If you are interested in learning more, please submit your CV for consideration, quoting reference 191512.