Canberra, ACT, Australia

SIEM Specialist NV2

 Job Description:

Australian citizens with NV2 clearance. Previous defence experience preferred.

  • 5+ years experience designing, implementing and supporting centralized logging and SIEM solutions in large scale, geographically dispersed and security-hardened on-premise environments which operate in low-bandwidth and disconnected states;
  • 5+ years experience designing, implementing and supporting Elastic Stack (Elasticsearch, Logstash, Kibana, Beats);
  • Experience optimizing centralized logging and SIEM environments, including query optimization, performance tuning and indexing strategies;
  • Experience with creating and managing SIEM rules, models and dashboards;
  • Experience implementing SSL/TLS, authentication and authorization in Elasticsearch, Splunk or equivalent;
  • Possess a good working knowledge of the following frameworks and standards: Australian Information Security Manual (ISM), US National Institute of Standards and Technology (NIST), Information Security Management System (ISO27001);
  • Excellent knowledge and experience of the security threat landscape and related security mitigations;
  • Ability to take requirements, standards and frameworks and apply them in practice to future proposed solution designs and systems;
  • Strong communication, interpersonal and negotiation skills with demonstrable experience of presentation and engagement with stakeholders, projects and business areas;
  • Ability to rapidly build, automate and deliver proof of concept systems to support analysis, testing, accreditation and development activities within a DevSecOps framework;
  • Ability to adapt quickly to changing requirements in a fast-paced, highly kinetic environment to meet changing deadlines and deliverables;
  • Ability to work under broad direction with a high level of autonomy; and,
  • Experience developing highly available/fault tolerant systems, networks and infrastructure in a connected, partially connected, degraded or often disconnected state.
  • Experience designing, implementing and supporting automation and orchestrated deployments of Elastic Stack;
  • Experience in supporting Red Hat Enterprise Linux;
  • Experience with vulnerability management and compliance solutions for enterprise server environments using technologies such as Tenable Nessus,
  • Experience and/or knowledge in privileged access management solutions;
  • Proficient in scripting languages such as Bash, Python and PowerShell;
  • Previous experience in a Technical Architect and/or Senior Operational Support role.