Leidos is a Fortune 500 Technology, Engineering, and Science Solutions and Services leader. Leidos' 47,000 global employees support vital missions for government and commercial customers. Headquartered in Reston, Va., Leidos reported annual revenues of approximately $15.4 billion for the fiscal year ended December 29, 2023.Leidos Australia has been a trusted partner to the Australian Government, including the Department of Defence, for more than 25 years, having delivered some of the most complex software and systems integration projects in Australia. With a local workforce of around 2,000, of which 85% hold a government security clearance, we have one of the largest security-cleared workforces in Australia. Our team is also backed by Leidos' global expertise, experience and capabilities.We've got so much to offer at Leidos, here are a just a few of the Benefits we provide our team:5 weeks Annual Leave & Shift Loading to increase your take home pay.Professional development and support to set you up for success and assist you in achieving your career aspirations.Leidos Life Hub provides access to discount offers or cashback rewards with over 400 Australian and International retailers.Job DescriptionAt Leidos Australia, we operate a 24x7x365 Central Processing Cyber Security Operations Centre (CP SOC) capability, with the Department of Defence. CP SOC works collaboratively with the Defence Security Operations Centre (DSOC) to assist in defending one of the largest and most complex ICT networks in the southern hemisphere.We are seeking an experienced Cyber Security Analyst to join our team member to achieve Defence mission outcomes.This is a permanent role that requires the successful applicant to work on a rotating shift roster (typically 12 hour shifts) onsite at HMAS Harman in Canberra.This role offers you the opportunity to:Develop your technical and cyber security skill setsBuild and shape security tooling to defend critical national security infrastructureChallenge yourself by sinking your teeth into some wicked problem setsHelp build the team culture that you have always wanted to work inTo be successful in this role you will need:Self-starting individual with the right attitude, aptitude and zeal to identify, take ownership of and solve challenging problemsInterest in continual learning and development of themselvesBe prepared to rapidly upskill yourself to respond to adversariesStrong communication and stakeholder management skillsA working knowledge of applicable industry and government cyber security frameworksAs a Cyber Security Analyst, working within a 24/7 Security Operations team, you will monitor networks and endpoints for security events, alerts, active threats, intrusions and compromises and perform triage. Depending on the issue you may manage the event end to end, consult with your peers or escalate as appropriate.This is a great opportunity to build upon your existing technical knowledge and skills and grow your career in a dedicated cyber security role. Your responsibilities will include:Analysis of security events from multiple sources including but not limited to events from the Security Information and Event Management tool, network intrusion systems and Host based Intrusion Prevention tools (AV, HIPS, Application Whitelisting);Monitor and assess emerging threats and vulnerabilities to the environment and ensure those requiring action are addressed;Security Incident Management, advice and education and maintaining the currency and health of the deployed security tools;Provide technical administration support for security suite of software and hardware;Produce contractual and stakeholder reports and review, document and improve processes to contribute to the overall security of the environment.Develop your leadership skills, and within the broader team, to meet mission and contractual outcomesWorking collaboratively with stakeholders to triage, manage and report on security incidentsBuild relationships with stakeholdersActively develop SOC tactics, techniques and procedures (TTP's) and security toolsetsDevelop custom signatures to Identify, Detect, Protect, Respond and Recover from adversary's attacks.Undertake Incident Response activities using known adversary TTP's and Indicators of Compromise (IOC's) to detect advanced threats.Undertake Incident report writing development of security operational documentationQualificationsAbout You and What You'll BringCoupled with your education and/or practical experience, you will be customer-focused and motivated to learn new technologies and go the extra mile to ensure customer needs are met. In addition you will demonstrate the following knowledge and skills:Cyber Security or IT experience performing critical thinking tasks, troubleshooting endpoint or network issuesUnderstanding of incident management and response and reviewing threat data from various sources.Experience reviewing raw log files, data correlation and analysis would be an advantage i.e. firewall, network, IDS, system logs.A demonstrative willingness to learn Cyber and a desire to learn and grow.Demonstrated expertise in monitoring SIEM (Splunk or equivalent) apps, rulesets, dashboards and workflows is essential;Demonstrated intermediate Windows, Linux and Networking experience highly desired;Demonstrated experience with Trellix EPO, Tenable and/or Palo Alto platforms, or similar, highly desired;Industry ICT Security qualifications such as CompTIA Sec+, CISSP, GIAC, GCIH etc desired, but not essential;Demonstrated ability to consistently produce excellent results in a complex environment;Current NV1 or NV2 clearance.Successful candidates will be required to be Australian Citizens and hold and maintain a minimum NV-1 Australian Government Security Clearance, with the expectation of obtaining an NV-2.Additional InformationAt Leidos, you'll enjoy 12 weeks' paid parental leave as a primary carer, flexible work practices, discounted health insurance, novated leasing and more. Foster your career through complete access to learning and development and mentoring opportunities, we have a strong track record of internal promotion and career transitions.As a business we are focusing on setting people up for growth and success, so individuals can develop specialist skills and make significant contributions whilst broadening their experience within the cyber security field. If this sounds like you and you have the right attitude coupled with the willingness to challenge yourself and want to be in a team delivering security capability for government – apply today.We embrace diversity and are committed to creating a truly inclusive workplace. We welcome and encourage applications from Aboriginal and Torres Strait Islander peoples, culturally and linguistically diverse people, people with disabilities, veterans, neurodiverse people, and people of all genders, sexualities, and age groups.
#J-18808-Ljbffr