CSIRO acknowledges the Traditional Owners of the land, sea and waters, of the area that we live and work on across Australia. We acknowledge their continuing connection to their culture and pay our respects to their Elders past and present. View our vision towards reconciliation.Child safetyCSIRO is committed to the safety and wellbeing of all children and young people involved in our activities and programs. View our Child Safe Policy.The opportunitySupportive and truly inclusive environment.Innovative and rewarding workplace with fantastic flexibility.Grow your career with Australia's premier research organisation.The Cyber Security Operations team operates within the Enterprise Platforms division as part of the wider Information Management & Technology (IMT) business unit, providing ongoing operational monitoring and assurance activities over enterprise security controls across the organisation.As a Senior Cyber Security Analyst, you will work in a fast-paced and complex environment whilst managing competing team and individual priorities. You'll require competence in a multitude of cyber security disciplines with primary responsibilities in the engineering and maintenance of complex enterprise-wide monitoring, threat detection, analytics and reporting services. You will demonstrate expertise in the investigation of complex cyber security events, including the analysis of indicators of compromise, attacks, telemetry data and alerts. You will also contribute to the evolving technical capabilities within the team and undertake professional development supporting the ever-changing cyber security environment.Your duties will include:Minimum of five (5) years' experience working in an ICT cyber security role within a large enterprise, system integrator or service provider space, or similar role, such as network/infrastructure/systems engineering.Demonstrated experience using, managing and tuning endpoint security solutions (e.g. EDRs/XDRs).Demonstrated experience using, managing and tuning a SIEM or similar platform (e.g. Splunk, Sentinel).Demonstrated ability to apply analytical, conceptual thinking and broad technical skills to detect, identify, investigate, and manage malicious activity and behaviour, intrusions, compromises, threats and anomalies.Demonstrated experience with incident investigations and response or similar complex troubleshooting activities.Demonstrated ability to collaborate widely both internally and externally and provide advice and recommendations.Salary: AU$110k- AU$119k plus up to 15.4% superannuation.Reference: 97533.To be considered you will need:Engineer and implement security controls that integrate and enhance the monitoring, alerting, investigation and threat detection capabilities of the Cyber Security Operations team.Design and develop automations/integrations/tooling to enhance the detection and response capabilities of the team.Develop detection strategies including attack models, event correlations and use cases, to assist in further tuning detection capabilities and prevent incidents from recurring.Design, enhance and maintain the SIEM/SOAR infrastructure and services.Maintain, develop and enhance the advanced security control capabilities of the enterprise firewalls, such as threat detection and URL filtering policies.Maintain, develop and enhance the capability and integration of endpoint security control applications.Review and contribute to the security incident response plan and accompanying playbooks.Applications for this position are open to Australian Citizens Only.Appointment to this role is subject to provision of a national police check and the ability to obtain and maintain a security clearance at the NV1 level.Flexible working arrangementsWe work flexibly at CSIRO, offering a range of options for how, when and where you work.Diversity and inclusionWe are working hard to recruit people representing the diversity across our society, and ensure that all our people feel supported to do their best work and feel empowered to let their ideas flourish.About CSIROAt CSIRO Australia's national science agency, we solve the greatest challenges through innovative science and technology. We put the safety and wellbeing of our people above all else and earn trust everywhere because we only deal in facts. We collaborate widely and generously and deliver solutions with real impact.CSIRO is committed to values-based leadership to inspire performance and unlock the potential of our people.Join us and start creating tomorrow today!How to applyPlease apply online and provide a cover letter and CV that best demonstrate your motivation and ability to meet the requirements of this role.Wednesday 22nd of September 2024, 11:00pm AEST.Shortlisting for this role will take place as applications are received. We therefore reserve the right to close this vacancy once a suitable candidate has been appointed.Please consider applying as soon as possible.
#J-18808-Ljbffr