cyber security engineer - Melbourne, Australia - Balance Recruitment

    Full time
    Description
    Permanent role. Up to $170k pkg inc super. Any capital city in Australia.

    Cyber Security Engineer – Automation

    Pivotal role: automate Incident Response / SOC processes. Any capital city.

    • Prestigious Australian company.
    • Innovative technical team and great culture. Hybrid.

    Our client is a global player in the supply chain and logistics space.

    They are currently looking for a Cyber Security Engineer to help automate Incident Response capabilities.

    In order to succeed in this role, you must be passionate about Cyber Security and have strong Splunk ES and SOAR experience, along with overall incident response experience.

    This is an opportunity to work with a very talented team, in a hybrid work environment.

    In this role, you will be responsible for automation and the development of cutting-edge use cases using industry-leading tools like Splunk and CrowdStrike.

    This role will refine current processes and develop use cases for better threat detection, and identify and implement improvements in the response and resolution (MTTR/MTTA) of security incidents through orchestration and automation of response procedures.

    Responsibilities will include:

    Security Orchestration and Automated Response (SOAR):

    • Perform scripting and automation of incident response and management.
    • Innovate Automation design into new capabilities.
    • Identify opportunities to improve and automate current processes and operations.
    • Develop dashboards to track KPIs.

    Security Incident Detection and Response:

    • Participate in the root cause analysis and remediation activities.
    • Participate in red, blue and purple team exercises and cyber war games.
    • Improve efficiency of security operations processes and procedures through use case development and automation.

    Your ideal background:

    • Previous experience in Cybersecurity Operations (SOC) automation
    • Strong background in Splunk ES scripting (e.g. Python, PowerShell and/or JSON, API, SQL, etc.) and manual log analysis
    • Experience working with security tools including Microsoft 365, Azure, AWS, CrowdStrike, Splunk ES and Splunk SOAR
    • Strong knowledge of networks and servers (Windows/Unix) fundamentals
    • Good understanding of MITRE ATT&CK framework.
    • Solid understanding of NIST Cyber Security Framework or ISM.
    • Good understanding of Cyber Security best practices and ideally a background in incident management and incident response
    • Splunk professional certs highly advantageous

    This role will be offered as a permanent position and can be based in most capital cities – work arrangement will be hybrid. The salary on offer is competitive.

    Interested? Apply by sending your CV to Silvia at Balance Recruitment

    Balance Recruitment is committed to equal opportunity employment. We celebrate diversity and encourage people from all sections of the community to apply.