Cyber Security Analyst

Overview Australian Citizens residing in Australia with ability to obtain security clearance only respond. Contract start 18 September 2023 to 12 months, 12 months extensions. The Chief Information Officer Division is primarily responsible for the management of technology related solutions within the Agency. This includes managing Shared Services Information and Communication Technology (ICT) services and delivery of ICT projects. The Protective and Cyber Security Branch implements the requirements of the Protective Security Policy Framework (PSPF) and Information Security Manual (ISM) within the Agency. This is achieved by providing strategic, Agency-wide oversight of Security across security governance, information security, personnel security, physical security, and cyber security and operations. The Cyber Operations team is responsible for the identification, response, and remediation of security incidents across the organisation. About the Role The EL1 Senior Cyber Security Analyst is accountable under broad direction to undertake complex work across Cyber Security Operations functions. The role reports to the Assistant Director, CSOC Capability Development under the leadership of the Director of Cyber Security Operations. The successful candidate will work in a small team to develop and deliver capabilities for use by the Security Operations Centre (SOC). The capabilities include uplift tasks, process engineering, and large enterprise scale cyber security solutions. The Senior Cyber Security Analyst will also work closely with the SOC and other ICT teams to deliver capabilities. Responsibilities of the role include but are not limited to: Demonstrated experience in developing and implementing SOC tools, processes, and capabilities. Identifying, planning, and implementing enhancements to the Agency's threat landscape. Development of SOC standard operating procedures and playbooks in a fast-paced environment. Familiarity with cyber threat modelling techniques, and experience developing systems specific use cases, monitoring plans and cyber security incident response plans. Experience with cloud security tooling and cloud platforms (SIEM, SOAR, Vulnerability Management, Endpoint Security, AWS, Azure, O365) Development of cyber security metrics and reporting templates for cyber leadership and broader agency leadership. Work autonomously with limited direction and identify and drive work through to completion. Further develop and refine the solution architecture and design for cyber solutions. Communicate with influence to ensure deliverables are aligned to Corporate Plan and organisational priorities. (NOTE: the key responsibilities of the role are based on current priorities and may change over time) Role Specifications The role is required to be performed in a work environment that has the following core characteristics and requirements: Working in an open office environment (exposure to general workplace chatter) Working from home on occasion Working in a hot desk environment Significant periods of sitting at a counter or desk Operating a telephone Computer/screen-based work Ability to use computer/software applications including Microsoft Office and NDIA's client records management system (CRM) Assistance animals may be in the work area Security The following essential checks/clearances are required to perform the role: Australian Government Security Vetting Agency (AGSVA) clearance - a vetting process undertaken before an individual may have access to classified information and resources. This is only applicable to some positions within the NDIA that require the occupant to have access to classified Australian Government information Pre-Engagement Check - this is a mandatory pre-employment security screening process. All employees and contractors of NDIA must undertake a Pre-Engagement Check. This check is undertaken for any individual who will have non-public access to agency resources (information, buildings, systems, assets, staff, and customers) Every application requires to address selection criteria as part of application submission. NOTE: Please address the selection criteria with a maximum of 1000 words. Selection Criteria Minimum 5 years experience in IT, software, or cyber security related field Demonstrated experience in developing and implementing SOC tools, processes, and capabilities Australian citizenship with the ability to obtain security clearance Experience with cloud security tooling and cloud platforms (SIEM, SOAR, Vulnerability Management, Endpoint Security, AWS, Azure, O365) Highly developed written and verbal communication skills #J-18808-Ljbffr