The Cyber Security Analyst will be responsible for security data analysis and for the configuration and operation of enterprise security management tools.
- Permanent Full Time
- Global IT Company - Federal Government Client
- Baseline / NV1 clearance is required
You will be accountable for the configuration, tuning and operation of enterprise security management tools in order to proactively detect and respond to cyber security related attacks. In addition, you will focus on delivering security detection, monitoring and prevention capabilities for both physical and virtual infrastructures for a large key Federal Government customer.
- Undertake security data analysis and event tracking activities on a full-time basis, assigned to an enterprise Australian Government client.
- Automate and orchestrate security provisioning of anti-malware and network IPS services at the network and gateway.
- Utilise SIEM data and correlated logs containing IDS/IPS, AV, web application firewall, operating system event, web proxy and similar data to establish context, policies and scope.
- Proactively configure, tune and operate Intrusion Prevention and associated security systems to mitigate active and potential threats.
- Monitor open source and custom intelligence feeds for emerging vulnerabilities and threats, and assess and triage these in the context of risks to the client base.
- Review and recommend policy improvements to network security devices and applications.
- Work to identify critical event data for additional analysis and escalation as appropriate.
- Ensure that all Service Level Agreements (SLAs) pertaining to security events/incidents are met.
- Experience in delivering security services/outcomes within the Australian Government context.
- Proven working knowledge in Cyber Security.
- Strong technical security analytics and IPS skills with hands-on experience.
- Demonstrated experience as a security analyst with primary responsibilities centered on threat intelligence and vulnerability management
- Strong technical and demonstrated knowledge across a range of midrange and gateway platforms, including Cisco, TrendMicro, Symantec, FireEye, Windows and Unix
- Demonstrable knowledge of scripting/programming tools such as PowerShell and SQL scripting.
- Tertiary academic qualifications in a relevant discipline
- One or more of the following industry certifications would be highly advantageous: CISSP, CISM, CCSE, CCIE, CCNA, MCSE or GIAC
Job Ref: 2992867