JOB DETAILS

Cyber Security Specialist

  • 08 Oct 2025
  • Sydney
  • Contract
The Cybersecurity Defence and Response Specialist supports the development, evaluation and implementation of a range of appropriate processes, approaches, and activities to help mitigate and manage the risk from cyber threats and increase the protection
  
The team focuses on building our client's capability to identify and mitigate ongoing cyber threats and is pivotal in leading the operational response during any cyber incident. They manage all aspects of the incident response process, working within the agreed operating model involving the Incident Response Retainer and the Managed Security Operations Centre provider.

This role is responsible for operational vulnerability management as part of security operations to protect our client's information and assets from cyber attacks, unauthorised access, misuse, disclosure, interruption or alteration.

MAJOR RESPONSIBILITIES 
  • Facilitate the implementation of initiatives and service improvements by supporting the running of the Cyber Defence and Response team, and associated reporting, and escalation of issues, in consultation with the Manager.
  • Manage the SOC and Incident Response Retainer relationships to enable productive and stable relationships with timely management of issues through to resolution. 
  • Manage the operational response to cyber incidents, working with the Security Operations Centre and where relevant the Incident Response Retainer team.
  • Proactively perform threat hunting to identify anomalous activity and improve detection and prevention capabilities, supporting strategic decision making and risk reduction.
  • Lead complex investigation activities and manage actions with relevant stakeholders and partners. 
  • Manage the completion (working with junior analysts) of technical forensic investigation and report on alerts and anomalies in a timely manner. 
  • Develop and document cybersecurity processes, procedures, and policies to ensure a consistent approach and to provide readily available, standardised documentation that undergoes a regular review cycle.
  • Contribute to the ongoing development and professional growth of junior team members and interns by providing support, guidance, and training.
The Cybersecurity Defence and Response Specialist will collaborate with the following:
  • The AARNet Security Operations Centre (SOC) managed service 
  • The Australian Higher Education Cyber Security (AHECS) community and AusCERT, with a particular focus on Cyber Threat Intelligence, attack modelling and detection & response capability areas. 
  • Manage the Incident Response Retainer partner. 
  • Manage key vendors (e.g. Microsoft; AWS; Akamai; Mimecast; Armis; Prisma etc).
Experience Required
  • Demonstrated experience in security operations centre environments, threat detection, event prioritisation and incident response.
  • 5-6 years' experience in cyber security operations within a SOC environment.
  • Strong experience and interest in cybersecurity, the threat landscape, cyber frameworks, cybersecurity architecture and risk assessment 
  • Strong technical understanding of IT/OT security systems, cloud environments and the shared responsibility model 
  • Specialised knowledge in the management, configuration, and support of security controls across a variety of areas such as endpoint protection, logging and architecture formats, privilege access management, application, and operating system security. 
  • Broad understanding of IT security principles associated with networks, internet, email, operating systems, firewalls, VPNs, databases, virus management, intrusion detection, cryptography, and ecommerce, with a deeper specialisation in at least two of these fields.
  • Demonstrated ability to establish and maintain effective working relationships with internal and external stakeholders, to enable successful business outcomes. 
  • Strong communication (written and verbal) and presentation skills that are clear and effective, with the ability to persuade, influence and negotiate with stakeholders at all levels. 
  • Advanced time management skills, with a demonstrated ability to respond to changing priorities, manage multiple tasks and meet competing deadlines by using own judgement.
  • Excellent problem-solving skills with a proven capacity to exercise initiative and develop solutions to complex problems. 
If you are currently looking for an opportunity to join an existing program of work in Sydney where you can showcase your Cyber Security skillset - get in touch for a confidential chat.