Senior Cyber Security Analyst - [Archived Advertisement]

The Opportunity

• Monitor & manage the security of the environment at CSIRO
• Use your expertise to investigate complex cyber security events
• Join CSIRO, Australia's premier research organisation

The Cyber Security Services (CSS) team operates within the Information Management & Technology (IMT) business unit focusing on ongoing security operations, cyber resilience, and data protection. 

As a Senior Cyber Security Analyst on our team, you will work in a fast-paced and complex environment whilst managing competing team and individual priorities.  You will be competent in a multitude of cyber security disciplines with primary responsibilities in enterprise wide monitoring, threat detection, analytics and reporting.  You will also demonstrate expertise in the investigation of complex cyber security events, including the analysis of indicators of compromise, attacks, telemetry data and alerts.  In addition, you will contribute to the evolving technical capabilities within the team and undertake professional development supporting the ever-changing cyber environment.

Your duties will include:

• Conducting real time monitoring, analysis and triage of security events and alerts from multiple sources
• Detecting, identifying, investigating, and managing malicious activity and behaviour, intrusions, compromises, threats, and anomalies on the network.
• Escalating and triaging security alerts to the relevant team within CSS and IMT where applicable.
• Monitoring the health of security ‘sensors’, controls, and countermeasures through observation of overall performance, security risks and exposure, and effective resolution of issues.

Location: Canberra, ACT; Brisbane, QLD; Sydney, NSW; Melbourne, VIC; or Perth, WA
Salary: AU$98k - AU$106k plus up to 15.4% superannuation
Tenure: Specified term of 3 years
Reference: 73274

To be considered you will need:

• At least 2 years’ experience working in a cyber security operational capacity including actioning and triaging security alerts relating to the broader ICT environment.
• You will also need experience in the following:
  • Applying real time monitoring, analysis and triage of security events and alerts from multiple sources and industry tools.
  • Developing detection strategies, including attack models and use cases, to assist in further tuning detection capabilities and prevent incidents from recurring.
  • Incident investigation and resolution in a complex ICT environment working with multiple technical specialists and domains.
  • The application and operation of two or more of the following technologies and their security requirements: Splunk, Endpoint Detection & Response, Endpoint Protection (Anti-Virus), Threat Analytics, Vulnerability Management platforms, Intrusion Detection or Prevention systems, Firewalls, Email Security, Network Security, Active Directory, and DNS Security.
  • Microsoft, Linux/Unix operating systems and virtualisation technologies (Microsoft/VMware or Open Source).

For full details about this role please review the Position Description.

Eligibility

The successful applicant will be required to obtain and maintain a security clearance at Negative Vetting Level 1, for which you must hold Australian Citizenship.

Flexible Working Arrangements

We work flexibly at CSIRO, offering a range of options for how, when and where you work. Talk to us about how this role could be flexible for you. Balance

Diversity and Inclusion

We are working hard to recruit diverse people and ensure that all our people feel supported to do their best work and feel empowered to let their ideas flourish. Diversity and Inclusion Strategy

We are committed to the safety and wellbeing of all children and young people.

About CSIRO

At CSIRO, Australia's national science agency, we solve the greatest challenges through innovative science and technology.

Join us and start creating tomorrow today!

How to Apply

Please apply on-line and provide a cover letter and CV that best demonstrate your motivation and ability to meet the requirements of this role.

Applications Close

Thursday 1st July, 11:00pm AEST