JD – Threat Management Analyst
Position code: 004
Position Title: Threat Management Analyst
Department: Cyber Threat Intelligence Centre
Position Type: Permanent, Full Time
Position Band: Mid-Level / Senior
Location: Sydney CBD
Work Status: Full Time
To work as a SOC engineering resource on Secure Logic MSS projects, and to provide support, maintenance, and monitoring for Managed Security Services.
Summary of the Role
You will be joining a rapidly growing IT security organisation to become part of our global Security Operations Centre team. You will analyse and respond to security threats, and implement and maintain the company’s security services.
The successful candidate will have strong analytical and troubleshooting skills, strong knowledge of the security landscape, solid communication skills and a drive to deliver the best solution for our customers.
Threat Management Analyst (Tier 2, Tactical Warrior)
Advanced security incident handling and response
In-depth security analysis and forensics
Investigating security violations, attempts to gain unauthorised access, virus infections that may affect the network, and any other event affecting security
Security recommendations and remediation
Advanced SIEM configuration and customisation
Maintain internal relationships with Senior Management and other business areas as required.
Tertiary degree in computer science or 3+ years in a related IT field.
The following qualifications are regarded favourably:
Security vendor certifications – Cisco/Juniper/Fortinet/etc.
Relevant security certifications (SANS/GIAC/CERT) in incident response, forensics, intrusion detection, etc. are required.
CISSP certification desired.
Penetration testing certifications desired.
10+ years of relevant experience is required.
Strong understanding of security principles and technologies (access control, security protocols, threat and vulnerability management, incident and event management, etc.)
Strong technical understanding of the security landscape (attack vectors, tools, best practices for attack detection and mitigation)
Practical knowledge of security Service Operations processes (Incident and Event Management, Incident Isolation, Classification, and Escalation)
Practical experience with complex incident response, kill-chain analysis and remediation
Hands-on experience with security products (firewalls, IPS, VPN, malware protection, endpoint protection)
Experience with SIEM implementation and customisation, advanced correlation
Advanced threat modelling and analysis
Strong experience with forensics tools
Good written and oral communication skills are required.
Work From Home
Flexible Work Hours