About the role:
The Senior Cyber Engineer will undertake complex and technical cyber activities under the leadership of managers and the Director, Cyber Security Operations. The successful candidate will develop capabilities for NDIA in the following areas: threat intelligence, vulnerability identification, breach detection, incident response, data protection and identity and access management.
- Identify critical data sources required by cyber for ingestion and normalisation into the SIEM
- Configuration of the SIEM, including alerting, visualisation and reporting
- Develop and maintain automation through playbook design for the SRSC
- Implementing frameworks for Cyber Threat Intelligence based on best practice
- Develop and design vulnerability assessment capability
- Supporting the development of incident response capability and automation
- Automate current processes to allow for rapid growth and scalability.
- Mentor and develop Tier 1 and Tier 2 Cyber Analysts within the SRSC
Skills and experience:
- Demonstrated experience (5+ yrs) as a SIEM Engineer or a Tech Lead in a SRSC/SOC
- Solid experience working with SIEMs (Azure Sentinel, Splunk, Elastic), Microsoft Azure and AWS security stack, vulnerability scanners (Tenable Nessus/Rapid7 Nexpose), and Threat Intelligence Platforms
- Highly developed skills in a scripting language such as Python or PowerShell
- Highly developed written and verbal communication skills
- Critical thinking, analytical and troubleshooting skills
- Relevant vendor certifications (Splunk Certified, Azure Security Administrator, Service Reliability Engineering Foundation)
- Demonstrated working knowledge of the Scaled Agile Framework and ITIL principles.
- Demonstrated working knowledge of Incident Response Frameworks (NIST SP 800-61 Incident Handling Guide, Mitre Frameworks)
For more information or a confidential discussion, please contact Josie Bandiola on 02 9054 8710 quoting reference 242639.
To apply please click the 'Apply Now' button.