Cyber Threat Detection Specialist - Canberra, Australia - CYOS Solutions

CYOS Solutions (Verified Company)
Canberra, Australia
Posted 2 weeks ago by Olivia Brown, beBee Recruiter

Description

Application closing date: Tuesday, 20 June :59pm, Canberra time
Estimated start date: Monday, 03 July 2023
Location of work: ACT
Length of contract: 6 months
Contract extensions: 2 x 6 months
Security clearance: Must have Negative Vetting Level 1
Rates: $100 - $130 per hour (inc. super)


The Cyber Threat Detection Specialist (CTD) is required to perform a leadership role while exercising a considerable degree of technical skill and independence pertaining to the monitoring and response function of Services Australia Cyber Security.

The primary focus of the CTD Specialist is to lead a multi-disciplinary team to develop and implement detection methods to identify, monitor, respond to and protect against malicious cyber events targeting Services Australia and Shared Services Partners networks.

This role requires in-depth knowledge of cyber security fundamentals to accurately determine the impact and relevance of emerging and existing threats to operating environments.

The CTD Specialist will draw upon their knowledge of detection methodologies and technologies, attack vectors, vulnerability management principles, network security, security engineering principles, information systems control design, and control monitoring.


Primary Technologies:
SIEM technologies (Splunk, IBM QRadar, Elastic), firewall and network technologies, and cloud monitoring technology sets (CASB, WAF, etc.)

The Cyber Threat Detection Specialist Key Tasks/Duties may include some or all of the following:

  • Threat detection development, including reviewing and approving detection use cases, developing response playbooks and implementing detection use cases.
  • Provide technical or strategic advice on complex issues related to detection technologies.
  • Coordinate the accurate and appropriate referral and subsequent tuning of detection use cases.
  • Review and contribute to process documentation including providing input into the development of processes and ensuring documentation created by the shift aligns with outcomes and goals of the process.
  • Provide timely, relevant and accurate information to the Director Cyber Threat Detection where business impacts of events and decisions are sensitive, including but not limited to:
    • Wide ranging impacts;
    • Events affecting senior executives or other agencies;
    • Confidentiality, integrity and availability are impacted.
  • Provide technical guidance, leadership, and support to Cyber Security Operations staff while overseeing Cyber Threat Detection roles.
  • Prioritise tasking and duties in accordance with direction from Cyber Security Divisional teams considering risk, urgency and impact using independent judgement.
  • Supervise and manage staff and provide expert advice and assistance to team members performing technical work.
  • Ensure staff have the tools, access and resources required to complete their job to a high standard, including appropriate levels of access, training and efficient tools.

Essential Criteria

  • Experience developing and implementing threat detection use cases and playbooks.
  • Experience providing technical and strategic advice on complex issues related to detection technologies.
  • Experience providing timely, relevant and accurate briefings to SES where business impacts of events and decisions are sensitive (such as having wide ranging impacts or the potential to impact confidentiality, integrity or availability).

Desirable Criteria

  • Experience producing and providing input into process documentation.
  • High level of communication skills, with experience communicating to technical and non-technical stakeholders at the SES level.
  • Current and up to date knowledge of common threats and vulnerabilities.
  • Experience supervising and managing staff as well as sharing experience, knowledge, and insights with team members to support capability uplift.
  • Experience creating and tuning alert rules within a Security Information and Event Management (SIEM) platform.
  • Experience with log normalisation and ingestion.
  • Knowledge of scripting.