Australian Citizens with NV1 Clearance residing in Australia only respond.

Job details

As a Cyber Security Incident Responder in the Cyber Security Incident Response Team (CSIRT), you will contribute by responding to cyber security incidents and enhancing the security posture of the Department.

Hands-on technical cyber security incident response expertise is required for this role as you will be performing technical analysis when responding to cyber security incidents.

Additionally, excellent verbal and written communication skills are required for this role as you will be collaborating with a range of internal and external stakeholders across all levels.

Key duties and responsibilities

Key duties and responsibilities include but are not limited to:

• Investigate and respond to potential and actual cyber security incidents end-to-end across the cyber security incident response lifecycle.
• Use provided tools and technologies to perform cyber security incident response.
• Drive cyber security incident communications, ensuring all parties are aware of incidents and their role in the process.
• Develop and maintain records and documentation related to cyber security incidents.
• Communicate and document technical findings and recommendations to technical and non-technical stakeholders through formal reporting, briefs, emails, and verbal advice.
• Facilitate recovery including post incident review, following resolution of cyber security incidents.
• Develop, maintain, and test the cyber security incident management policy and plan/procedures while ensuring compliance with regulatory requirements and best practice.
• Identify and drive technical improvements including but not limited to alert tuning.
• Maintain and optimise cyber security incident response processes.
• Mentor and upskill other team members.
• Other duties as directed.