Job Description
Overview
Only Australian citizens residing in Australia who are able to obtain an NV1 clearance should respond.
Contract details
- Contract start 01 July 2023 to 30 June 2024, with 2 x 12-month extension options.
- Australian citizen, ability to obtain NV1 clearance, Canberra-based role.
Role purpose
Use their skills and experience as a Senior Cyber Security Analyst, working within a Security Operations Centre, to maintain and strengthen the Cyber Operations team's security monitoring and incident response capability.
Responsibilities
- Develop and document detection and alerting use cases specific to the Department's IT environment and threat model.
- Implement and tune custom detections and analytics rules, based on the developed use cases, in Microsoft 365 Defender and Microsoft Sentinel.
- Develop knowledge articles, playbooks and procedures to support incident response activities, based on the use cases and the Department's IT environment.
- Collaborate with security engineers, infrastructure teams, system owners, and application development teams to develop and implement system-specific security monitoring approaches.
- Determine and drive team priorities, including implementation of toolsets and ingestion of log sources, to improve capability.
- Lead major and critical incident response investigations.
- Action escalated and complex security alerts and incidents.
- Mentor and lead other Cyber Security Analysts within the team.
- Provide advice and support to the Director, Cyber Operations and Executives as required.
Every application must address the selection criteria as part of the submission.
Selection criteria
- Demonstrated experience as a Senior Cyber Security Analyst working in a Security Operations Centre, including detection engineering and incident response responsibilities.
- Demonstrated skills and experience with Microsoft Sentinel and Defender products, including responding to alerts and incidents and developing custom detections and analytics rules.
- Demonstrated experience working with and investigating security logs from different platforms and devices.
- Demonstrated experience in strengthening the maturity of a SOC.
- Experience facilitating incident response simulations.
- Experience utilising threat intelligence services and tools to inform detection engineering and enrich alerts and incidents.