Senior Cyber Security Operations Analyst

at  Infinite Talent Group Pty Ltd

JOB DESCRIPTION:

The Senior Cyber Security Operations Analyst will undertake technical cyber security activities under the leadership of the Assistant Director of Cyber Security Operations. The Senior Cyber Security Operations Analyst must possess and demonstrate technical competency in areas of cloud security (Azure/AWS), endpoint and network security, threat intelligence and hunting, data loss prevention, vulnerability management, and incident response.
The Senior Cyber Security Operations Analyst will be required to support and contribute to the protection of the Agency’s systems, users, and data, to support client’s objectives to “build a world-leading National Disability Insurance Scheme”.

As part of the Cyber Operations team, the role will help ensure that client has the capability to build and protect cyber-resilient information technology platforms and support strategic objectives. The role will involve the key responsibilities:

• Conducting proactive monitoring, investigation, and mitigation of security incidents within security tools (including Microsoft Defender 365 stack, Azure Security Centre, IntSights, Splunk)
• Analysing security event data and identifying suspicious/malicious activity from networks and systems
• Perform incident response including initial and detailed investigation, computer forensics, chain of custody implications
• Responding to events and incidents using established Standard Operating Procedures (SOPs)
• Escalate complex incidents, and engage with Subject Matter Experts
• Perform and manage phishing simulations
• Research new and evolving threats and vulnerabilities to the Agencies threat landscape
• Conduct log analysis and develop visualisation and reporting within Splunk
• Identify critical data sources required by cyber for ingestion and normalisation into the SIEM
• Collaboration with Security Operations and IT engineers to implement security controls
• The ability to work with limited supervision and to quickly gain knowledge of in a range of technologies
• Mentor and develop junior staff, and identify areas of people, process, and defensive tool improvement

• Conducting proactive monitoring, investigation, and mitigation of security incidents within security tools (including Microsoft Defender 365 stack, Azure Security Centre, IntSights, Splunk)
• Analysing security event data and identifying suspicious/malicious activity from networks and systems
• Perform incident response including initial and detailed investigation, computer forensics, chain of custody implications
• Responding to events and incidents using established Standard Operating Procedures (SOPs)
• Escalate complex incidents, and engage with Subject Matter Experts
• Perform and manage phishing simulations
• Research new and evolving threats and vulnerabilities to the Agencies threat landscape
• Conduct log analysis and develop visualisation and reporting within Splunk
• Identify critical data sources required by cyber for ingestion and normalisation into the SIEM
• Collaboration with Security Operations and IT engineers to implement security controls
• The ability to work with limited supervision and to quickly gain knowledge of in a range of technologies
• Mentor and develop junior staff, and identify areas of people, process, and defensive tool improvemen