T3 Security Analyst

Location: Australia
Discipline: IT & Cyber Security
Job type: Full Time
Salary: AU$150000 - AU$180000 per annum
Contact name: Elsa Ambrosini

Contact email: elsaa@thenetworkit.com
Job ref: BBBH8101_1669786772
Published: over 1 year ago
Start date: ASAP

Cyber Security Analyst - Level 3

Benefits

  • Fully remote - work from anywhere in Australia
  • A fun place to work with a loyal team of exceptional talent
  • Innovative Australian cyber operations company focused on Managed Detection and Response, servicing the public and private sector

About the Company:

The company's team of experts has been involved in the delivery of cyber security and operational outcomes for Australian Government and international enterprises for, in some cases, over 20 years. This includes working in Australia, the Middle East, Africa, South-East Asia and the Americas.

Benefits & Perks:

  • Reputable IT Consultancy with a strong and unique culture
  • Flexible working and autonomy
  • Service customers in Federal government, mining, banking and critical infrastructure.

About the role:

Be part of the SOC leadership team, help make decisions that define the strategy, drive change, and provide better services for clients.
Reporting to the Security Operations Centre (SOC) Team Lead, the L3 Security Analyst fills a leadership role in the 24x7 SOC. The objective is to provide a fully managed detection and response capability to a suite of international clients. The role will be part of the L3 escalation roster, providing first-class incident response capability to identified threats and alerts using the latest tools, processes, and techniques.

General Tasks:

  • Act as an escalation point to ensure timely detection, identification, and alerting of possible attacks/intrusions and anomalous activities.
  • Analyse security events from multiple sources, including but not limited to events from the Security Information and Event Management tool, network intrusion systems and host-based intrusion prevention tools (EDR, AV, HIPS, Cloud app security)
  • Use cyber defence tools for analysis of system activity to identify malicious activity
  • Raise cyber security incidents using service management software (Jira) to inform customers and remediate threats
  • Analyse identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.
  • Determine tactics, techniques, and procedures (TTPs) for intrusion sets.
  • Isolate and remove malware.
  • Prepare and distribute security related information, including reports, security alerts, or advisories
  • Document incidents (including event history, status, and potential impact for further action) that may cause ongoing and immediate impact to the client or the company
  • Comply with and assist in the maintenance of ISMS processes and accreditations (including ISO27001)

You have excellent knowledge of:

  • Cyber threats and vulnerabilities.
  • Cybersecurity principles.
  • Relevant reporting and dissemination procedures.
  • Applicable business processes and operations of customer organizations.
  • Adversary tactics and techniques (MITRE ATT&CK frameworks).
  • Authentication, authorization, and access control methods.
  • Basic cyber operations activity concepts (e.g., footprinting, scanning and enumeration, penetration testing, allow/deny listing).
  • Common forensics tool configuration and support applications (e.g., Volatility, Registry Recon, Wireshark).
  • Cyber operations terminology/lexicon.
  • Different classes of attacks (e.g., passive, active, insider, close-in, distribution).
  • Different operational threat environments (ICS, Cloud, On Premise).
  • Emerging computer-based technology that has potential for exploitation by adversaries.

Must be an Australian Citizen to apply for this role, and be able to attain and maintain an Australian Federal Government security clearance at the NV1 level or higher.

How to apply

If you think that you want to make a real impact for a leading company, then APPLY NOW or contact Elsa on 0452 426 715 or elsaa@thenetworkit.com for a confidential chat.