Cyber Defence Specialist
We are seeking a highly skilled and experienced Cyber Defence Specialist to join our team. As a key member of our security team, you will play a critical role in operating and enhancing our cybersecurity services to protect our financial and information assets.
Working closely with our team of dedicated specialists, you will focus on Incident Response, SIEM Engineering, Application Security, Vulnerability Management, Threat Intelligence, and Security Awareness. You will be responsible for enhancing prevention, detection, triage, and remediation of security events through automation.
About the Role
This is an excellent opportunity for a motivated and forward-thinking individual to make a significant impact on our cybersecurity efforts. You will have the opportunity to develop your skills and expertise, as well as contribute to the development of our team.
Key Responsibilities:
* Incident Response: Lead and support cyber incident response, including investigation, remediation, post-incident root cause analysis, and security incident reporting.
* Detection Engineering: Develop and fine-tune cyber detection use cases, analyze security data for anomalies, and continuously improve detection capabilities using frameworks like MITRE ATT&CK to enhance threat detection and response.
* Automation Development: Develop automated incident response workflows via SIEM platforms (Splunk or Sentinel) for efficient triaging and incident handling, reducing manual effort and improving response time.
* Assist with Security Threat Intelligence monitoring, including identifying security threats to us and our customers and collaborating with information sharing groups (government and industry).
* Support audit and regulatory compliance efforts, addressing security findings and recommendations.
* Partner with cross-functional teams to help shape and develop future DevSecOps capability.
* Develop and maintain security documentation, including processes, procedures, and technical reports.
* Work in close partnership with the Cyber Defence Lead and act as delegate when required.
Requirements
To be successful in this role, you must possess:
* A tertiary qualification in Cyber Security, Computer Science, or a related discipline.
* At least 5 years' experience in Cyber Security Operations, including Incident Response, Detection Engineering, SIEM Engineering, or Security Automation.
* Good scripting skills in Python, Bash, or PowerShell.
* Knowledge of multiple security frameworks, such as NIST, PSPF, CSF, OWASP, and ASD E8.
* Enterprise implementation and operation of security technologies, including Identity and Access Management, End Point Protection, DDoS Protection, Data Loss Prevention.
* Security compliance in financial and government environments.
* Security configuration and operation of Windows and Linux, email gateway appliances and technology, and firewalls.
* Good understanding of Application Security Testing (SAST, DAST, SCA) and secure coding best practices in cloud environments.
* Demonstrated ability to build and maintain collaborative relationships.
* Strong analytical, problem-solving, and stakeholder management skills.
* Ability to proactively manage a varied workload, prioritize tasks, and meet deadlines.
Benefits
We offer a range of benefits, including:
* A permanent role with flexible and hybrid work options.
* Opportunities to expand your technical expertise with exposure to automation, AI security, and DevSecOps.
* Development as a leader by mentoring and guiding technical teams.
* Tailored learning and career pathways, from advanced technical training to leadership development.
* A collaborative, diverse, and supportive culture where knowledge-sharing is valued.
How to Apply
To apply for this opportunity, please submit your application, including a short cover letter along with your current resume.