Cyber Security Analyst Canberra, Australian Capital Territory Fixed Term Contract

Full time at a Laimoon Verified Company in Australia
Posted on April 23, 2024

Job details

Requirements

Utilise their skills and experience as a Senior Cyber Security Analyst, working within a Security Operations Centre, to maintain and strengthen the Cyber Operations team's security monitoring and incident response capability.

• Develop and document detection and alerting use cases specific to the Department's IT environment and threat model.
• Implement and tune custom detections and analytics rules based on developed use cases in Microsoft 365 Defender and Microsoft Sentinel.
• Develop knowledge articles, playbooks and procedures to support incident response activities based on use cases and the Department's IT environment.
• Collaborate with security engineers, infrastructure teams, system owners, and application development teams to develop and implement system-specific security monitoring approaches.
• Determine and drive team priorities, including implementation of toolsets and ingestion of log sources, to improve capability.
• Lead major and critical incident response investigations.
• Action escalated and complex security alerts and incidents.
• Mentor and lead other Cyber Security Analysts within the team.
• Provide advice and support to the Director, Cyber Operations and Executives as required.

Working arrangements

Full Time Requirement: Onsite, standard 8 hours per day, and 40 hours per week in total.

Flexible Working Arrangements (including remote working arrangements): Requests will be considered on a case-by-case basis against the business requirements of the department and the needs of the immediate work area.

Reduced Activity Period - A reduced activity period may apply where the specified personnel will not work unless the buyer has provided pre-approval in writing, which includes:
• public holidays; and
• Christmas shutdown, from 12:30 pm on the last working day before Christmas Day and reopening the first working day following the first day of January each year.

Criteria

Essential criteria

1. Demonstrated experience as a Senior Cyber Security Analyst working in a Security Operations Centre, including detection engineering and incident response responsibilities.

2. Demonstrated skills and experience in Microsoft Sentinel and Defender products, including responding to alerts and incidents and developing custom detections and analytics rules.

3. Demonstrated experience in working with and investigating security logs from different platforms and devices.

4. Demonstrated experience in strengthening the maturity of a SOC.

Desirable criteria

1. Experience facilitating incident response simulations.

2. Experience utilising threat intelligence services and tools to inform detection engineering and enrich alerts and incidents.
