Security Operations Analyst

at  Origin Energy

DELIVERING GOOD ENERGY STARTS FROM WITHIN

It’s an exciting time to join Origin. Creating a great place to work means together we’re progressing our ambition to lead the energy transition through cleaner energy and customer solutions. We’re always looking for better ways to deliver for our customers – and for our people.

ABOUT THE ROLE:

There are several business trends within Origin and in the energy industry that create the need for increased focus on effective cyber security risk management. The Security Operations Analyst will be part of the team that performs end-to-end security monitoring, analysing, and trending of security log data from many sources and independently carries out Incident Response (IR) activities.

WHY THIS ROLE MATTERS?

• Monitor, manage, and configure Origin’s cyber security tools to detect suspicious or risky user activity, across workstations, servers, network and email, for both corporate and operational technology areas of the business.
• Assists with building new detections based on threat intelligence reporting, or tuning existing detections as required.
• Continuously review and triage security alerts to assess their urgency and initiates escalation to incidents where required.
• Respond to incidents by:
• Assessing the scope of the threat / attack, including affected systems, determining and collecting further information required.
• Initiate cyber security control measures to contain the incident.
• Engage stakeholders as required to enable a holistic response (e.g. for systems recovery).
• Proactively threat hunt within the Origin environment by reviewing vulnerabilities, assessing control gaps against current threats, and analysing security logs for anomalous or risky activities.
• Regularly reviews threat and vulnerability advisories from various sources (e.g. ACSC) and, where a high priority response is required across the organisation, lead the engagement with Major Incident Management team.
• Mentor junior team members in security operations and technical leadership domains, while identifying opportunities for professional development and upskilling to promote knowledge sharing within the team.
• Partner with key stakeholders, to provide and share strategic advice and insights to enhance security solutions regarding across the organisation’s systems, driving adoption and adherence to policy, standards and guidelines.
• Influence Origin’s security architecture, engineering, and operational processes by providing direct and constructive feedback based on day-to-day observations.