AYAN InfoTech is looking for an Endpoint Analyst / End User Application Architect to join an exciting project based in Sydney. The role offers you the opportunity to contribute to an extremely well-structured and mature environment, working on sophisticated enhancement projects.
Role: Endpoint Analyst / End User Application Architect
Location: Sydney
Contract Duration: 6 Months, with a high possibility of extensions
Experience: 7+ Years
Key Responsibilities:
* Capture the most restrictive configurations for web browsers, office productivity suites, and PDF software based on ASD and vendor hardening guidance.
* Review the current implementation status of web browsers, office productivity suites, and PDF software.
* Confirm and identify the use of Internet Explorer 11.
* Document the current state process of PowerShell module logging, script block logging, and transcription events.
* Perform a current state analysis of new controls.
* Ensure command line process creation events are centrally logged.
* Protect event logs from unauthorized modification and deletion.
* Analyze event logs from internet-facing servers in a timely manner to detect cybersecurity events.
* Identify and document all gaps in controls, policies, and configurations.
* Assess potential risks associated with non-compliance and prioritize remediation efforts.
* Review exceptions for use cases where the most restrictive controls are not implemented and validate if compensating controls are adequate.
* Assess and implement the MS recommended Blocklist (MRB) across workstations.
* Conduct a Business Impact Assessment on workstations to assess the operational impact of blocking MRB-listed applications.
* Validate the coverage of current 'LOLBAS' blocking against the MRB to ensure that applications already blocked in the environment are aligned with the MRB blocklist.
* Identify and implement compensating controls for applications that cannot be blocked due to operational dependencies, ensuring security is maintained in such cases.
* Ensure changes made to implement MRB are fully documented, and that the implementation aligns with updated Essential Eight ML2 requirements, ready for audit purposes.
* Extract application usage data from Microsoft Defender to determine whether applications/executables are on the recommended block list.
* Implement continuous monitoring of MRB compliance and update it regularly to address new vulnerabilities, ensuring it remains effective.
* Ensure that MRB blocking rules apply correctly to both privileged and standard user groups, considering role-based access control (RBAC) for different user types and their specific needs.
Contact: 61-(02) 7207 6926 for more details.
Please note we will be able to contact only shortlisted candidates for this role. We thank you in advance for your interest.