Cyber Security Analyst (SRSC) - Canberra

⁠⁠⁠Position Purpose

The National Disability Insurance Agency (NDIA or the Agency) Cyber Operations team is in the process of establishing a Service Reliability and Security Centre (SRSC). As part of the team the role will help ensure that NDIA has the capability to build and protect cyber-resilient information technology platforms and support strategic objectives. The Cyber Security Analyst will be required to support and contribute to the protection of the Agency’s systems, information and environment to support NDIA’s objectives to “build a world-leading National Disability Insurance Scheme”.

Duties

The Cyber Security Analyst will undertake technical cyber security activities under the leadership of line managers that report to the Director of Cyber Security Operations. The Cyber Security Analyst must possess and demonstrate technical competency in areas of cloud security (Azure/AWS), endpoint and network security, threat intelligence and hunting, data loss prevention, vulnerability management, and incident response.

The Cyber Security Analyst will work as part the Cyber Operations team within the SRSC to ensure NDIA has the capability to protect information assets, systems and environments to support strategic objectives. Please note this role will require working in a Service Reliability and Security Centre in Canberra with the potential for a requirement to work a rotating roster between 0700 and 1900 AEST.

The key responsibilities of the role are based on current priorities and may change over time key duties include:

• Help implement a SIEM and threat intelligence capability
• Help establish the incident response and vulnerability management capability
• Conducting proactive monitoring, investigation, and mitigation of security incidents
• Analysing security event data and identifying suspicious/malicious activity from networks and systems
• Perform incident response including initial and detailed investigation, computer forensics, chain of custody implications
• Responding to events and incidents using established Standard Operating Procedures (SOPs)
• Escalate complex incidents, and engage with Subject Matter Experts
• Research new and evolving threats and vulnerabilities to the Agencies threat landscape
• Conduct log analysis and develop visualisation and reporting within Splunk
• Identify critical data sources required by cyber for ingestion and normalisation into the SIEM
• Collaboration with Security Operations and IT engineers to implement security controls
• The ability to work with limited supervision and to quickly gain knowledge of in a range of technologies