Cyber Security Operations Analyst - Oceania - APAC (Melbourne)

at  DP World

Cyber Security Operations Analyst plays a pivotal role in fortifying DP World Oceania’s digital ecosystem against evolving cyber threats. Reporting directly to the Director – Cyber Security, this role is at the forefront of the organisation’s protection, responsible for defending essential systems, data, and infrastructure.

QUALIFICATIONS, SKILLS AND EXPERIENCE:

• Bachelor’s degree in Computer Science, Information Technology, Cyber Security or related field or equivalent technical experience.
• 3 to 5 years-experience in a cyber security related role, preferably in a security operations centre (SOC) environment.
• Relevant cyber security qualifications such as CISSP, CompTIA Security+, or CEH is highly desirable.
• GIAC or SANS-related certifications (e.g., GCIH, GSEC, GCDA, GCIA) would be advantageous
• Industry-specific expertise is advantageous.
• Proven experience in cyber security roles with exposure to OT systems and industrial environments is desirable.
• Experience in cyber security tools such as Darktrace, Microsoft Defender, Microsoft Sentinel, Tenable, Dragos, and Checkpoint GuardDuty is highly regarded.
• Strong understanding of network protocols and architecture.
• Ability to work effectively in a fast-paced environment and prioritise tasks efficiently.
• Excellent analytical, problem-solving, and communication skills.
• Familiarity with the Essential Eight or similar cyber security framework and its technical requirements for enhancing cyber security resilience.
• Ability to utilize and integrate threat intelligence feeds to enhance detection and response capabilities.
• Experience in proactively identifying threats and anomalies in the environment through advanced threat hunting techniques.
• Proficiency in scripting languages (Python, PowerShell, etc.) to automate repetitive security operations tasks and enhance incident response workflows.
• Experience in forensic investigations, including malware analysis, memory analysis, disk forensics, and network packet analysis to support post-incident reviews would be advantageous.

• Conduct real-time monitoring of security events, perform proactive threat analysis, and respond swiftly to incidents to mitigate risks impacting the confidentiality, integrity, and availability of organisational assets.
• Collaborate with key stakeholders to investigate, document, and resolve security incidents, while identifying vulnerabilities and recommending corrective actions to prevent recurrence.
• Implement and manage security controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions, to address risks and vulnerabilities in both IT and OT environments.
• Monitor security alerts and events using Security Information and Event Management (SIEM) and network detection and response (NDR) tools to detect and investigate potential security incidents.
• Deliver cybersecurity awareness training and guidance to employees and contractors, fostering a culture of cyber awareness and preparedness throughout the organisation.
• Maintain documentation of security configurations, incident reports, and compliance documentation related to OT cyber security activities.
• Develop and maintain a robust security framework, ensuring adherence to industry standards and regulatory requirements, while cultivating a security-conscious culture across the organisation.