Cyber Threat Analyst - Canberra, Australia - CyberCX

CyberCX
Canberra, Australia

2 weeks ago

Posted by: Olivia Brown, beBee Recruiter


Description
  • Must be based in Canberra (not remote)
  • Must be a United States citizen

About the company


CyberCX is joining forces with one of the most exciting cyber security companies from the United States to deliver projects for the Australian market.


You will be trained to deliver a patented, groundbreaking new approach to cybersecurity that identifies, stops, and prevents threats others miss.

This innovative technology outperforms the components of every other network security solution and is solving the biggest challenges for customers today with better security, virtual vulnerability mitigation, reduced alert fatigue and fewer false positives.


About the role


The Triage Threat Analyst (TTA) is responsible for performing analysis on all events and alerts generated by our technology and the associated PCAP system (on which a variety of tools run).

The TTA analyses events for correctness and is responsible for the occasional adaptive tuning necessary as a result of a false positive.

Due to the nature of the work, applicants must be citizens of the United States. Australian government security clearances are desirable, but not required.


Duties

  • Hunting alongside talented threat researchers to find adversary tactics, techniques, and novel attacks within networks and pivoting that knowledge to prevent them from succeeding.
  • Triaging through events to confirm True Positives, False Positives, False Negatives and pivoting into new methods of hunting for adversary techniques in files, network traffic, and other sources of data.
  • Utilizing open-source research to expand upon current understanding of CVEs, actors, TTPs, malware families, and malicious infrastructure.
  • Developing signatures or rules based on both content and metadata of files.
  • Analyzing new files and malware from a holistic perspective, to help aid in detection and prevention for customers.
  • Evaluating and utilizing threat intelligence to make actionable decisions (open source, paid source, internal telemetry).
  • Constantly improving your knowledge of the offensive/defensive security community as a whole.

Skills & experience

  • The ability to categorize, triage, and analyze network traffic with demonstrated experience using Wireshark and other systems to isolate anomalous traffic.
  • Strong analytical and technical skills in Computer Network Operations, Computer Network Defense, and Computer Network Exploitation.
  • Experience utilizing a scripting language (preferably Python) to help automate processes. Must also be able to read scripts in common scripting languages and understand their functionality.
  • Demonstrated working knowledge of Unix/Linux, macOS, and Windows systems.
  • Comfort using Atlassian suite tooling (Confluence, Bitbucket and Jira) and functional equivalents.
  • Experience working with version control using Git.
  • Working knowledge of performing queries using Lucene or KQL in Elasticsearch/Kibana.

Benefits

  • Flexible hybrid working environment (a blend of office and WFH)
  • Corporate discounts on a huge variety of retail stores through our partners
  • Ability to deepen your experience and skills in line with CyberCX's specialisation as Australia's leading cyber security provider.
  • Opportunities to engage directly with and support senior leadership on significant work and contribute to thought leadership.

Please note, due to the nature of this role, it is a mandatory requirement that all applicants are United States citizens. Only Canberra-based applicants will be considered for this role (flexible hybrid working environment; a blend of office and WFH, not remote). Assistance with relocation within Australia will be considered.
