Educational requirements: Bachelor
English requirements: Competent English
Skilled employment experience required: 3-5 years
Required residence status: Temporary visa, Permanent resident, Citizen
Remote work: Not accepted
The Opportunity
Flexible work arrangements! Mix of home and office.
Career development opportunity
The Cyber Security Operations team operates within the Enterprise Platforms division as part of the wider Information Management & Technology (IMT) business unit, providing ongoing operational monitoring and assurance activities over enterprise security controls across the organisation.
As the Senior Cyber Security Engineer, you will work in a fast-paced and complex environment whilst managing competing team and individual priorities. You’ll require competence in a multitude of cyber security disciplines, with primary responsibility for the engineering and maintenance of complex enterprise-wide monitoring, threat detection, analytics and reporting services.
You will demonstrate expertise in the investigation of complex cyber security events, including the analysis of indicators of compromise, attacks, telemetry data and alerts. You will also contribute to the evolving technical capabilities within the team and undertake professional development supporting the ever-changing cyber security environment.
Your duties will include:
Engineer and implement security controls that integrate and enhance the monitoring, alerting, investigation and threat detection capabilities of the Cyber Security Operations team.
Design and develop automations/integrations/tooling to enhance the detection and response capabilities of the team.
Develop detection strategies including attack models, event correlations and use cases, to assist in further tuning detection capabilities and prevent incidents from recurring.
Design, enhance and maintain the SIEM/SOAR infrastructure and services.
Maintain, develop and enhance the advanced security control capabilities of the enterprise firewalls, such as threat detection and URL filtering policies.
Maintain, develop and enhance the capability and integration of endpoint security control applications.
Location: Canberra, ACT; Brisbane, QLD; Sydney, NSW; Melbourne, VIC; or Perth, WA
Salary: AU$105 806 - AU$114 500 plus up to 15.4% superannuation
Tenure: Indefinite
Reference: 83601
To be considered you will need:
Essential:
Formal tertiary qualifications in one or more of the following: Computer Science, Engineering or related technical field. In lieu of this, a proven minimum of ten (10) years’ experience working in an ICT environment may be substituted.
Minimum of five (5) years’ experience working in an ICT cyber security role within the large enterprise, system integrator or service provider space, or similar role, such as network/infrastructure or systems engineering.
Demonstrated experience managing and developing the capabilities of tools within the logging/SIEM/SOAR space, such as, but not limited to, Splunk, Splunk ES, Elastic, MS Sentinel, PA XSOAR.
Demonstrated experience managing and developing the capabilities of tools within the endpoint security space, such as, but not limited to, CylanceProtect, JamfProtect, CarbonBlack, MS Defender.
Desirable:
Cyber Security related certifications (e.g. CCNA Cyber Ops, SSCP, CISSP, GSEC).
Demonstrated experience developing the features and capabilities of network detection and response tools/systems, such as, but not limited to, Palo Alto and Cisco NGFWs, ExtraHop, Cisco Secure Network Analytics, etc.