Canberra, ACT, Australia

Cyber Security Engineer

 Job Description:

Australian Citizens With the ability to obtain NV1 Clearance residing in Australia only respond.

  • Contract start 01 July 2023 to 30 June 2024, 2 x 12 months extensions.
  • Australian Citizen, ability to obtain NV1 Clearance, Canberra role.

Send your responses to jobs@softtestpays.com

Overview

The department requires an experienced cyber security engineer to assist with the following deliverables:

  1. Develop and maintain of SIEM alerts and dashboards to aid with threat detection.
  2. Work with Security Analysts to understand, develop and maintain automatic detection and response capabilities using available SOAR capabilities.
  3. Utilise available threat intelligence to enrich alerts.
  4. Develop and maintain team SOPs and playbooks for SIEM management and configuration, including, alert exclusions and alert tuning.
  5. Assist with the upkeep of the SecOps environment where needed.

Every application requires to address selection criteria as part of application submission.

Essential Criteria

1. Demonstrated experience managing/maintaining logging and SIEM technologies

2. Demonstrated knowledge of cyber security principles and processes in a defensive context

3. Demonstrated ability to develop alerting rules and dashboards to assist with threat detection and incident response.

4. Ability to learn and understand how the operating environment functions normally and effectively identify anomalies when they occur

5. Demonstrated experience with development practices and DevOps pipelines.

Desirable Criteria

1. Experience with Azure Sentinel, Kusto Query Language (KQL) and Azure logging mechanisms

2. Experience with Microsofts suite of security tools, including Azure Security Centre, Microsoft 365, and Microsoft Defender for tools (Endpoint, Identity, etc.)

3. Experience managing a Windows environment, including patching, Active Directory and Group Policy management.

4. Experience utilising threat intelligence services and tools such as MISP to enrich data and alerts that originate from SIEM and logging tools such as Syslog-ng.

Apply for this job
Or refer someone