Senior Cyber Security Analyst

Location: Canberra
Job Type: Contract
Posted: 10 months ago
Contact: Param Kaur
Reference: 256289

Our Federal Government Client is seeking a Senior Cyber Security Analyst to join their team and strengthen the Cyber Operations team's security monitoring and incident response capability. This is a long-term contract role starting from July 1, 2023, with an initial contract duration until June 30, 2024. There are two 12-month extension options available. The position is located in the ACT, and the working arrangements are full-time onsite, with the possibility of flexible working arrangements considered on a case-by-case basis.

As a Senior Cyber Security Analyst, your responsibilities will include:

  • Developing and documenting detection and alerting use cases specific to the Department's IT environment and threat model.
  • Implementing and tuning custom detections and analytics rules based on developed use cases in Microsoft 365 Defender and Microsoft Sentinel.
  • Developing knowledge articles, playbooks, and procedures to support incident response activities based on use cases and the Department's IT environment.
  • Collaborating with security engineers, infrastructure teams, system owners, and application development teams to develop and implement system-specific security monitoring approaches.
  • Determining and driving team priorities, including the implementation of toolsets and ingestion of log sources, to improve capability.
  • Leading major and critical incident response investigations.
  • Taking action on escalated and complex security alerts and incidents.
  • Mentoring and leading other Cyber Security Analysts within the team.
  • Providing advice and support to the Director, Cyber Operations, and Executives as required.

To be successful in this role, you should have:

  • Demonstrated experience as a Senior Cyber Security Analyst working in a Security Operations Centre, including detection engineering and incident response responsibilities.
  • Demonstrated skills and experience in Microsoft Sentinel and Defender products, including responding to alerts and incidents and developing custom detections and analytics rules.
  • Demonstrated experience in working with and investigating security logs from different platforms and devices.
  • Demonstrated experience in strengthening the maturity of a SOC.

Desirable criteria include:

  • Experience facilitating incident response simulations.
  • Experience utilizing threat intelligence services and tools to inform detection engineering and enrich alerts and incidents.

Due to security clearance requirements, candidates must be Australian citizens and able to obtain Negative Vetting Level 1 clearance.

Apply now for immediate consideration by contacting Param Kaur on 0262689781, quoting Job Reference: #256289

Please note: Only candidates that meet the above criteria will be contacted. Thank you for your interest in the position.

Diversity and inclusion are strongly supported at Peoplebank. People of all nationalities, gender identities, and cultural backgrounds, including Aboriginal and Torres Strait Islander Peoples, are encouraged to apply.