Senior Cyber Security Analyst

Date: 28 Aug 2024

Location: Canberra, ACT, AU; Sydney, NSW, AU; Brisbane, QLD, AU; Perth, WA, AU; Melbourne, VIC, AU

Company: CSIRO

Acknowledgement of Country

CSIRO acknowledges the Traditional Owners of the land, sea and waters, of the area that we live and work on across Australia. We acknowledge their continuing connection to their culture and pay our respects to their Elders past and present. View our vision towards reconciliation.

Child safety

CSIRO is committed to the safety and wellbeing of all children and young people involved in our activities and programs. View our Child Safe Policy.

The opportunity

 

  • Supportive and truly inclusive environment.
  • Innovative and rewarding workplace with fantastic flexibility.
  • Grow your career with Australia's premier research organisation.

 

The Cyber Security Operations team operates within the Enterprise Platforms division as part of the wider Information Management & Technology (IMT) business unit, providing ongoing operational monitoring and assurance activities over enterprise security controls across the organisation.

 

As a Senior Cyber Security Analyst, you will work in a fast-paced and complex environment whilst managing competing team and individual priorities. You’ll require competence in a multitude of cyber security disciplines, with primary responsibilities for the engineering and maintenance of complex enterprise-wide monitoring, threat detection, analytics and reporting services. You will demonstrate expertise in the investigation of complex cyber security events, including the analysis of indicators of compromise, attacks, telemetry data and alerts. You will also contribute to the evolving technical capabilities within the team and undertake professional development supporting the ever-changing cyber security environment.

Your duties will include:

  • Engineer and implement security controls that integrate and enhance the monitoring, alerting, investigation and threat detection capabilities of the Cyber Security Operations team.
  • Design and develop automations/integrations/tooling to enhance the detection and response capabilities of the team.
  • Develop detection strategies including attack models, event correlations and use cases, to assist in further tuning detection capabilities and prevent incidents from recurring.
  • Design, enhance and maintain the SIEM/SOAR infrastructure and services.
  • Maintain, develop and enhance the advanced security control capabilities of the enterprise firewalls, such as threat detection and URL filtering policies.
  • Maintain, develop and enhance the capability and integration of endpoint security control applications.
  • Review and contribute to the security incident response plan and accompanying playbooks.

Location: Black Mountain - Canberra, ACT; Pullenvale - Brisbane, QLD; Lindfield - Sydney, NSW; Clayton - Melbourne, VIC; Kensington - Perth, WA

Salary: AU$110k - AU$119k plus up to 15.4% superannuation

Tenure: Indefinite

Reference: 97533

To be considered you will need:

  1. Minimum of five (5) years’ experience working in an ICT cyber security role within the large enterprise, system integrator or service provider space, or similar role, such as network/infrastructure/systems engineering.
  2. Demonstrated experience using, managing and tuning endpoint security solutions (e.g. EDRs/XDRs).
  3. Demonstrated experience using, managing and tuning a SIEM or similar platform (e.g. Splunk, Sentinel).
  4. Demonstrated ability to apply analytical, conceptual thinking and broad technical skills to detect, identify, investigate, and manage malicious activity and behaviour, intrusions, compromises, threats and anomalies.
  5. Demonstrated experience with incident investigations and response or similar complex troubleshooting activities.
  6. Demonstrated ability to collaborate widely both internally and externally and provide advice and recommendations.

 

For full details about this role please review the Position Description.

Eligibility

Applications for this position are open to Australian Citizens only.

Appointment to this role is subject to provision of a national police check and the ability to obtain and maintain a security clearance at the NV1 level.

Flexible working arrangements

We work flexibly at CSIRO, offering a range of options for how, when and where you work. 

Diversity and inclusion

We are working hard to recruit people representing the diversity across our society, and ensure that all our people feel supported to do their best work and feel empowered to let their ideas flourish. 

About CSIRO

At CSIRO, Australia's national science agency, we solve the greatest challenges through innovative science and technology. We put the safety and wellbeing of our people above all else and earn trust everywhere because we only deal in facts. We collaborate widely and generously and deliver solutions with real impact.

 

CSIRO is committed to values-based leadership to inspire performance and unlock the potential of our people.

 

Join us and start creating tomorrow today!

How to apply

Please apply on-line and provide a cover letter and CV that best demonstrate your motivation and ability to meet the requirements of this role.

Applications close

Wednesday 22nd of September 2024, 11:00pm AEST

 

Shortlisting for this role will take place as applications are received. We therefore reserve the right to close this vacancy once a suitable candidate has been appointed.

Please consider applying as soon as possible.