Security

Cyber Security Analyst

Canberra, Australian Capital Territory
Work Type: Fixed Term Contract
Apply Now

 Requirements 

         
Utilise their skills and experience as Senior Cyber Security Analyst, working within a Security Operations Centre, to maintain and strengthen the Cyber Operations team’s security monitoring and incident response capability.

  1. Develop and document detection and alerting use cases specific to the Department’s IT environment and threat model.
  2. Implement and tune custom detections and analytics rules based on developed use cases in Microsoft 365 Defender and Microsoft Sentinel.
  3. Develop knowledge articles, playbooks and procedures to support incident response activities based on use cases and the Department’s IT environment.
  4. Collaborate with security engineers, infrastructure teams, system owners, and application development teams to develop and implement system-specific security monitoring approaches.
  5. Determine and drive team priorities, including implementation of toolsets and ingestion of log sources, to improve capability.
  6. Lead major and critical incident response investigations.
  7. Action escalated and complex security alerts and incidents.
  8. Mentor and lead other Cyber Security Analysts within the team.
Provide advice and support to the Director, Cyber Operations and Executives as required.

Working arrangements     Full Time Requirement: Onsite, standard 8 hours per day, and 40 hours per week in total. Flexible Working Arrangements (including remote working arrangements): Requests will be considered on a case-by-case basis against the business requirements of the department and the needs of the immediate work area.  Reduced Activity Period - A reduced activity period may apply where the specified personnel will not work unless the buyer has provided pre-approval in writing, which includes: • public holidays; and • Christmas shutdown, from 12:30 pm on the last working day before Christmas Day and reopening the first working day following the first day of January each year. 

Criteria

     
      Essential criteria      
  1.  Demonstrated experience as a Senior Cyber Security Analyst working in Security Operations Centre, including detection engineering and incident response responsibilities.   
  2.  Demonstrated skills and experience in Microsoft Sentinel and Defender products, including responding to alerts and incidents and developing custom detections and analytics rules   
  3.  Demonstrated experience in working with and investigating security log from different platforms and devices   
  4.  Demonstrated experience in strengthening the maturity of a SOC.   
     Desirable criteria      
  1.  Experience facilitating incident response simulations.   
  2.  Experience utilising threat intelligence services and tools to inform detection engineering and enrich alerts and incidents

Clearance Required:
NV1 or above
 

Submit Your Application

You have successfully applied
  • You have errors in applying
By clicking Submit Application, I acknowledge having read your Privacy Policy and agree to storing and processing my data for this application.