Cyber Security Incident Response Specialist
This role is a key part of AEMO's digital evolution and cyber security strategy. The specialist will provide technical leadership in cyber defence and response activities, including triaging alerts, investigating security incidents, and providing response and containment against active threats.
The specialist will also proactively search for signs of malicious activity within AEMO infrastructure; drive detection improvements to cater for the ever-changing technology stack and cyber security threat landscape; conduct and lead digital forensic investigations to gather evidence and identify the root cause of security incidents; contribute to the improvement of protective security controls; mentor and train other members of the Cyber Incident Response team; continually improve and develop documentation, processes, playbooks and incident response; work closely with cross-functional teams, including other Digital teams, to coordinate incident response efforts and process improvements; and participate in an on-call rotation responding to cyber threats outside business hours.
In this role you will have the opportunity to make a significant contribution to the execution of our digital evolve and cyber security strategy at AEMO.
Key responsibilities include:
* Providing technical leadership in cyber defence and response activities.
* Investigating security incidents and providing response and containment against active threats.
* Proactively searching for signs of malicious activity within AEMO infrastructure.
* Driving detection improvements to cater for the ever-changing technology stack and cyber security threat landscape.
* Conducting and leading digital forensic investigations to gather evidence and identify the root cause of security incidents.
* Contributing to the improvement of protective security controls.
* Mentoring and training other members of the Cyber Incident Response team.
To be successful in this role you will need:
* Strong experience in cyber security incident response, preferably with experience working in critical infrastructure and/or the energy sector.
* Demonstrated experience in cyber incident investigation, response, threat containment and eradication.
* Demonstrated experience in digital forensic collection, investigation, timelining and organisation-wide threat hunting.
* Strong analytical, investigation and problem-solving skills.
* Experience with Cyber Security Kill Chain and the MITRE ATT&CK Framework.
AEMO values diversity and inclusivity in the workplace, welcoming applications from all backgrounds without regard to age, disability, gender, sexual orientation, parental status, race, or religion.