Total Salary package: $80,743.52 - $110,886.88 incl.
4% Service Allowance (plus 15.4% Super)Brisbane CBD - QLD,Canberra - ACTThe RoleThe duties of an ASD4, 5, 6 Information Security Analyst occupation in ASD include the following (note: not all duties are required to be performed during a 12-month performance cycle): ASD4 Information Security AnalystThe ASD4 Information Security Analyst role is responsible for monitoring the Security Operations Centre (SOC) situational awareness and automation tools for security events and alerts, including the analysis, investigation, escalation or closure of alerts.
To perform these functions, ASD4 Analysts perform the following tasks: Monitor incoming alert queues for potential security incidents Perform initial investigation analysis and triage of alerts, documenting findings in the Incident Management platform Maintain use-case playbooks, checklists and analyst Standard Operating Procedures (SOPs) Monitor the log health of SIEM Index's and report variations outside normal levels to Senior Analysts, Security Engineers and their team lead Support Incident Response activities as required Conduct research and intelligence gathering regarding emerging threats and exploits ASD5 Information Security AnalystThe ASD5 Information Security Analyst are responsible for monitoring the Security Operations Centre (SOC) situational awareness and automation tools for security events and alerts, with a greater degree of autonomy than expected from an ASD4 Analyst.
To perform these functions, ASD5 Analysts perform the following tasks: Investigate information security incidents in line with broad direction set out by senior staff, while ensuring that incident response processes are being followed.
Analyse and resolve identified security incidents in accordance with established procedures and recommend any required actions.
Contribute to digital forensic investigations by processing and analysing evidence and artefacts in line with policy, standards and guidelines and support production of forensics findings and reports.
Utilise a diverse set of capabilities, including various SIEM and investigation capabilities, to investigate cyber security incidents.
Be able to develop skills in new capabilities as required as part of investigations.
5.
Provide assistance with the development of a technical remediation plan and deliver findings to system owners and stakeholders.
Communicate technical findings and recommendations through formal reporting, briefs, emails and verbal advice in accordance with the Australian Signals Directorate writing standards.
Collaborate with organisations and stakeholders to provide remediation advice/plan to system owners and managers in order to improve system security posture.
Build and sustain effective working relationships with team members and actively participate in teamwork and group activities.
Facilitate appropriate direction, including technical direction, for their employees by clearly communicating goals and objectives.
ASD6 Information Security AnalystASD6 Information Security Analysts are employed in either the Security Operations Centre (SOC) or Protective Monitoring teams.
These teams are responsible for analysing information from multiple sources to protect ASDs people, resources and capability.
The SOC is responsible for monitoring for external threats, and Protective Monitoring responsible for monitoring risks associated with ASD and DIA employees.To perform these functions, ASD6 Analysts perform the following tasks: Security Operations Centre (SOC) TeamThe Information Security Analysts role is performed ASD6 Analysts with a high degree of experience in the SOC roles.
In addition to the tasks performed by an ASD5 Analyst, ASD6 Analysts are responsible for the following tasks: Provide Subject Matter Expertise (SME) when performing investigation analysis and the development of new security use-cases Review security use-cases in development and provide an approval gateway at each step of the development lifecycle Manage the implementation of security use-cases in SIEM and Automation platforms Escalation point for security Incidents Protective Monitoring TeamAnalyse and report on security-relevant data for Personnel Security investigations Monitor incoming alert queues for potential security incidents Perform initial investigation analysis and triage of alerts, documenting findings in the Incident Management platform Maintain use-case playbooks, checklists and analyst Standard Operating Procedures (SOPs) Develop and maintain automated reports Develop security use-cases to detect abnormal activity Monitor the log health of SIEM Index's and report variations outside normal levels to supporting Capability staff.
Support Personnel Security activities as required, including the case management process Mentor Trainee Analysts Further information can be found at: I'm changing my career | Australian Signals Directorate (asd.gov.au)About our TeamAs an Information Security Technologist for Information Security Branch, you will work with teams from across the organisation to ensure interoperability of systems so that a variety of security incidents and risks across all Defence Intelligence networks are appropriately detected, addressed, and reported on to enable the security of the ASD's IT systems and missions.
As a critical member of our Information Security Branch, our Information Security Analysts are generally responsible for: Achieving moderately complex analysis and investigation of malicious cyber security incidents.
Communicating with, responding and providing advice to a range of stakeholders on moderately complex operational and administrative issues.
Utilising a diverse set of tools and capabilities to investigate cyber security incidents.
Proactive system monitoring.
Continuous improvement and optimisation across systems.
Documenting their work.The role will require excellent communication skills as you engage across the Agency and the Defense Intelligence Agency (DIA).
You will need to manage your activities and performance in accordance with legislation and the ASD policies and procedures.
High levels of maturity and professionalism are requirements of this role due to the sensitive nature of some tasking.
This will require Information Security Branch technologists to display sound judgement, integrity, honest and discretion across all tasks and work processes.
As a branch, Information Security will support your development in the agency through training and mentoring both on and off the job, providing the opportunities for you to push your skills within a strong and supportive work environment.
We are looking for candidates who are motivated to leverage these opportunities to grow and develop their skills to further support ASD's mission.
