Australia, Greater Geelong | Contract | Negotiable

**The opportunity**
Our highly valued client is a federal government agency that is seeking an APS5 Junior Senior Cyber Security Operations Analyst to join the Protective and Cyber Security Branch.
- Geelong location with minimum 3 days in the office
- Daily rate range negotiable
- 12 month initial contract plus 12 month extensions
**The role**
As a Junior Cyber Security Operations Analyst, you will undertake technical cyber security activities under the leadership of the Assistant Director of Cyber Security Operations. You must possess and demonstrate technical competency in areas of cloud security (Azure/AWS), endpoint and network security, threat intelligence and hunting, data loss prevention, vulnerability management, and incident response. You will be required to support and contribute to the protection of the Agency's systems, users, and data. As part of the Cyber Operations team, the role will help ensure the capability to build and protect cyber-resilient information technology platforms and support strategic objectives. The key responsibility of the role is conducting monitoring, investigation, and mitigation of security incidents within security tools (including Microsoft Defender 365 stack, Azure Security Centre, IntSights, Splunk).
Please note that this role has the potential for a requirement to work a rotating roster between 0700 and 1900 AEST.
Duties will include:
- Analysing security event data and identifying suspicious/malicious activity from networks and systems
- Perform incident response activities while under direction
- Responding to events and incidents using established Standard Operating Procedures (SOPs)
- Escalate complex incidents, and engage with Subject Matter Experts
- Perform and manage phishing simulations
- Research new and evolving threats and vulnerabilities to the Agency's threat landscape
- Conduct log analysis and develop visualisation and reporting within Splunk
- Collaboration with Security Operations and IT engineers to implement security controls
- The ability to work under broad direction and to quickly gain knowledge of a range of technologies
**Skills and experience**
To succeed in this role you will need:
- Up to 2 years' experience in CSOC roles coupled with cyber security qualifications and certification
- Demonstrated familiarity with log aggregation and Security Information and Event Management (SIEM) systems
- Knowledge of the Information Security Manual (ISM) and cyber security concepts
- Demonstrated working knowledge of Incident Response Frameworks (NIST SP 800-61 Incident Handling Guide, MITRE Frameworks)
- Formal tertiary qualifications or industry certifications in a cyber security related field (e.g. Azure/AWS, Splunk Certified)
- Worked in a Security/Network Operations Center (or similar)
Please note that this role is only open to Australian Citizens, and you must be eligible to obtain an NV1 security clearance.