Cyber Security Analyst
- Role located in Canberra
- 12 month contract with 2×12 month extension options available
- Applications close on Friday 11/6/2021
- Anticipated start date 1/7/2021
- An NV1 security clearance is required
A Cyber Security Analyst is required to:
- Effectively and efficiently respond to incidents generated from several security tools used by the department;
- Proactively threat hunt using several security tools used by the department, including SIEM and centralised logging facilities;
- Create and document playbooks that analysts can utilise for incident response;
- Utilise and configure the M365 suite of security tools, e.g. Defender for Endpoint/Identity, MCAS, Advanced Hunting (KQL); and
- Manage end-to-end investigations including communicating and collaborating with technical and business areas and other Government agencies.
- Demonstrated experience performing cyber security incident response activities, developing playbooks/SOPs or similar documentation, and creating and tuning alerts and events.
- Demonstrated experience in using Microsoft cloud security technologies including Azure Security Centre, Microsoft 365, and Microsoft ‘Defender for’ tools (Endpoint, Identity, Office 365 etc.), including threat hunting using KQL.
- Demonstrated knowledge of cyber security principles, processes, and techniques in a defensive context.
- Ability to learn and understand how the operating environment functions normally and effectively identify anomalies when they occur.
- Ability to independently manage end-to-end investigations including communicating and collaborating with technical and business areas and other Government agencies.
- Experience with AWS & Azure logging mechanisms.
- Experience with syslog-ng and/or syslog-ng Store Box products, LogRhythm SIEM or other SIEM products.
- Experience with regular expressions (Regex), scripting (PowerShell, Bash, Python) and other security tools as relevant in a defensive security context.