Senior Cyber Security Analyst - Canberra, Australia - Softtest pays pty ltd

    Softtest pays pty ltd
    Softtest pays pty ltd Canberra, Australia

    1 week ago

    Default job background
    Full time
    Description

    Australian Citizens With ability to obtain NV1 Clearance residing in Australia only respond

    • Contract start 01 July 2023 to 30 June 2024, 2 x 12 months extensions.
    • Australian Citizen, Ability to obtain NV1 Clearance, Canberra role.

    Send your responses to

    Overview

    Utilise their skills and experience as Senior Cyber Security Analyst, working within a Security Operations Centre, to maintain and strengthen the Cyber Operations teams security monitoring and incident response capability.

    1. Develop and document detection and alerting use cases specific to the Departments IT environment and threat model.
    2. Implement and tune custom detections and analytics rules based on developed use cases in Microsoft 365 Defender and Microsoft Sentinel.
    3. Develop knowledge articles, playbooks and procedures to support incident response activities based on use cases and the Departments IT environment.
    4. Collaborate with security engineers, infrastructure teams, system owners, and application development teams to develop and implement system-specific security monitoring approaches.
    5. Determine and drive team priorities, including implementation of toolsets and ingestion of log sources, to improve capability.
    6. Lead major and critical incident response investigations.
    7. Action escalated and complex security alerts and incidents.
    8. Mentor and lead other Cyber Security Analysts within the team.
    9. Provide advice and support to the Director, Cyber Operations and Executives as required.

    Every application requires to address selection criteria as part of application submission.

    Essential Criteria

    1. Demonstrated experience as a Senior Cyber Security Analyst working in Security Operations Centre, including detection engineering and incident response responsibilities.

    2. Demonstrated skills and experience in Microsoft Sentinel and Defender products, including responding to alerts and incidents and developing custom detections and analytics rules.

    3. Demonstrated experience in working with and investigating security log from different platforms and devices.

    4. Demonstrated experience in strengthening the maturity of a SOC.

    Desirable Criteria

    1. Experience facilitating incident response simulations.

    2. Experience utilising threat intelligence services and tools to inform detection engineering and enrich alerts and incidents.