Company For more than 20 years, people in Australia have placed their trust in Beyond Blue as a reliable source of mental health information, support, and hope.
We are one of Australia's most well-known, trusted, and visited mental health organisations.
We never take this for granted.
With it comes a deep responsibility to listen, to understand people's needs and aspirations, and to ensure they are at the heart of everything we do.
We are a big blue door for many in the community: a safe and reliable place for millions of people to access information, advice and support – whether they're well and want to stay that way, unsettled or struggling and need support, or in recovery and want to reconnect.
About this Position The Cyber Security Specialist is responsible for the implementation, operation and governance of cyber security tools and procedures that are used to identify, protect, detect, respond and recover from cyber incidents across the organisation.
This includes ensuring Beyond Blue's cloud and on-premise environments are secure through proactive response to active and emerging threats to our staff, IT environment and supported community.
This role is linked to the core goals of Understanding and Integrity within Beyond Blue's 2023+ strategy.
Due to the nature of the role, the Cyber Security Specialist is expected to be contactable outside of their ordinary working hours, and to work additional hours as reasonably necessary from time to time.
The role The key duties of the role include: Threat Management Act as the primary linkage between the outsourced SOC provider and the Beyond Blue technology and business teams.
Monitor security alerts from staff and external SOC providers, taking appropriate action to ensure timely response is taken.
Review vulnerability scans, penetration test reports and threat advisories to identify appropriate actions to be taken.
Perform security management tasks covering security change management, security configuration management, identity and access management and endpoint security.
Cyber Protection Provide input into the cyber security program, as well as implementation of this.
Ensure action plans are consistent with better practice, the Australian Signals Directorate cyber security mitigation strategies, NIST CSF and ISO security frameworks.
Identify security uplift actions to address identified capability gaps and cyber risks.
Support cyber incident response activity.
Implement cyber education programs and phishing simulation campaigns to ensure ongoing maturity in information security awareness.
Contribute to business continuity and disaster recovery planning and testing.
Governance and Better Practice Consult with Technology Project and Product teams to ensure solutions are consistent with the organisation's enterprise security architecture and cyber security risk framework.
Participate in third party supplier security risk management assessments in conjunction with Technology, Privacy, Commercial and Risk teams to manage risk of information held or access to information.
Keep abreast of latest trends, regulatory and legal requirements to enhance security maturity levels.
Contribute to the development and maintenance of cyber security policies and procedures.
Maintain cyber risks as reported in the enterprise and project risk registers.
About you To be successful you will have: Qualifications Bachelor's degree in Cyber Security, IT, computer science or a related field of study.
Essential Demonstrable experience in a cyber security analyst role.
A solid grasp of core security fundamentals and concepts.
Experience with cyber security incident response.
Can proactively identify and address security issues, as soon as they are identified.
Strong written and verbal communication skills.
Detail-oriented and have an analytical mindset.
Excellent analytical, planning, organisational and technical skills.
Ability to communicate complex information to non-experts.
An understanding of business needs and commitment to delivering high-quality, prompt and efficient service to the business.
Desirable Tertiary education specifically in cyber security, SANS GIAC certifications.
Demonstrated experience with Microsoft Azure, Defender, Entra, Sentinel, Purview, CrowdStrike, Darktrace, Keeper, KnowBe4, SOCRadar.
Culture & Values Our values are the unseen drivers of our behaviours and ultimately become the organisational culture.
We're focused We're brave We rise Together Beyond Blue is committed to fostering and preserving a workplace that values diversity and inclusion.
We aim to grow and thrive as a diverse team with individual differences, life experiences, knowledge, self-expression, and talents.
In recruiting for our team, we welcome the unique contributions that you can bring in terms of education, opinions, culture, ethnicity, race, sex, gender identity and expression, nation of origin, age, languages spoken, colour, religion, ability, sexual orientation, and beliefs.
How to apply To apply, applications should include a current CV with a cover letter that addresses how your qualifications, skills and experience would be attributes to the position and why you would consider yourself to be a cultural addition to Beyond Blue.
For detailed information about this position including the closing date, please refer to the position description on our careers page (candidates who are viewing from a job board such as SEEK or LinkedIn, please refer to our careers page on our website).
Preferred candidates will be required to undertake pre-employment screening, including a National Police Check and where required, a Working with Children Check.
This job advertisement is open until Monday, 14 October 12:00pm.
We encourage early applications as interviews may commence before the closing date.
All applications will be treated with strict confidentiality.
