**Length of contract: 12 Months**
**Contract extensions: Subject for approval**
**Security clearance: Must be able to obtain Negative Vetting Level 1**
**Working arrangements**
Subject to negotiations with line manager, hybrid working arrangements in line with current client policy are available (minimum of 3 days each week in the office, with flexible arrangements in place for the remaining 2 days). Please note this role will require working in a Security Operations Center in Canberra or Geelong with the potential for a requirement to work a rotating roster between 0700 and 1900 AEST.
The Junior Cyber Security Operations Analyst will undertake technical cyber security activities under the leadership of the Assistant Director of Cyber Security Operations. The Junior Cyber Security Operations Analyst must possess and demonstrate technical competency in areas of cloud security (Azure/AWS), endpoint and network security, threat intelligence and hunting, data loss prevention, vulnerability management, and incident response. The Junior Cyber Security Analyst will be required to support and contribute to the protection of the Agency's systems, users, and data, to support client's objectives.
As part of the Cyber Operations team, the role will help ensure that client has the capability to build and protect cyber-resilient information technology platforms and support strategic objectives. The role will involve the key responsibilities:
Conducting monitoring, investigation, and mitigation of security incidents within security tools (including Microsoft Defender 365 stack, Azure Security Centre, IntSights, Splunk)
- Analysing security event data and identifying suspicious/malicious activity from networks and systems
- Perform incident response activities while under direction
- Responding to events and incidents using established Standard Operating Procedures (SOPs)
- Escalate complex incidents, and engage with Subject Matter Experts
- Perform and manage phishing simulations
- Research new and evolving threats and vulnerabilities to the Agency's threat landscape
- Conduct log analysis and develop visualisation and reporting within Splunk
- Collaboration with Security Operations and IT engineers to implement security controls
- The ability to work under broad direction and to quickly gain knowledge of in a range of technologies
**Essential criteria**:
- Recent graduate with relevant cyber security qualifications, with 0-2 years' experience in CSOC roles. Evidence of training and working towards the completion of a certification.
- Demonstrated familiarity with log aggregation and Security Incident and Event Management (SIEM) systems
- Knowledge of the Information Security Manual (ISM) and cyber security concepts
- Demonstrated working knowledge of Incident Response Frameworks (NIST SP 800-61 Incident Handling Guide, MITRE Frameworks)
- Formal tertiary qualifications or industry certifications in a cyber security related field (e.g. Azure/AWS, Splunk Certified)
- Worked in a Security/Network Operations Center (or similar)
**Desirable criteria**:
- Sound written and verbal communication skills