Senior Cyber Security Analyst

CSIRO Hobart, Hobart

Job Description

, you will work in a fast-paced and complex environment whilst managing competing team and individual priorities. You’ll require competence in a multitude of cyber security disciplines, with primary responsibility for the engineering and maintenance of complex enterprise-wide monitoring, threat detection, analytics and reporting services.

You will demonstrate expertise in the investigation of complex cyber security events, including the analysis of indicators of compromise, attacks, telemetry data and alerts. You will also contribute to the evolving technical capabilities within the team and undertake professional development supporting the ever-changing cyber security environment.

Your duties will include:

  • Engineer and implement security controls that integrate and enhance the monitoring, alerting, investigation and threat detection capabilities of the Cyber Security Operations team.
  • Design and develop automations/integrations/tooling to enhance the detection and response capabilities of the team.
  • Develop detection strategies including attack models, event correlations and use cases, to assist in further tuning detection capabilities and prevent incidents from recurring.
  • Design, enhance and maintain the SIEM/SOAR infrastructure and services.
  • Maintain, develop and enhance the advanced security control capabilities of the enterprise firewalls, such as threat detection and URL filtering policies.
  • Maintain, develop and enhance the capability and integration of endpoint security control applications.
Location: Canberra, ACT; Brisbane, QLD; Sydney, NSW; Melbourne, VIC; or Perth, WA

Salary: AU$105 806 – AU$114 500 plus up to 15.4% superannuation

Tenure: Indefinite

Reference: 83601

To be considered you will need:

Essential:

  • Minimum of five (5) years’ experience working in an ICT cyber security role within the large enterprise, system integrator or service provider space, or similar role, such as network/infrastructure/systems engineering.
  • Demonstrated experience using, managing and tuning endpoint security solutions (e.g. EDRs/XDRs)
  • Demonstrated experience using, managing and tuning a SIEM or a log aggregation platform (e.g. Splunk, LogRhythm, Sentinel)
  • Demonstrated ability to apply analytical, conceptual thinking and broad technical skills to detect, identify, investigate, and manage malicious activity and behaviour, intrusions, compromises, threats and anomalies
  • Demonstrated experience with incident investigations and response or similar complex troubleshooting activities
  • Demonstrated ability to collaborate widely both internally and externally and provide advice and recommendations
Desirable:

  • Cyber Security related certifications (e.g. CCNA Cyber Ops, SSCP, CISSP, GSEC)
  • Experience using, managing and tuning the security related features of next-generation firewall solutions (e.g. URL filtering, threat detections, logging, etc)
For full details about this role please review the

Eligibility

Applications for this position are open to Australian Citizens Only

Appointment to this role is subject to provision of a national police check and the ability to obtain and maintain a security clearance at the NV1 level

Flexible Working Arrangements

We work flexibly at CSIRO, offering a range of options for how, when and where you work.

This job vacancy has been posted for over 40 days, but is still active and currently accepting new applications.


    CSIRO